[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround

To: Roman Medina-Heigl Hernandez <roman@xxxxxxxxxxx>
Subject: Re: [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround
From: lars brun nielsen <lbn@xxxxxxxxxxx>
Date: Thu, 13 Jul 2006 09:09:38 +0200

hi,

setting 750 on /etc/cron.* would stop this exploit

/lars
>
>     if ( !( child = fork() )) {
>         chdir("/etc/cron.d");
>         prctl(PR_SET_DUMPABLE, 2);
>         sleep(200);
>         exit(1);

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround
  - From: Matthew Murphy

References:
- [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )
  - From: Roman Medina-Heigl Hernandez

Prev by Date: [Full-disclosure] Preliminary CFP:The 2nd International Conference on Availability, Reliability and Security (ARES 07), Vienna, Austria, April 10-13, 2007
Next by Date: RE: [Full-disclosure] MIMESweeper For Web 5.X Cross Site Scripting
Previous by thread: Re: [Full-disclosure] Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 )
Next by thread: Re: [Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround
Index(es):
- Date
- Thread