Vulnerability Development mailing list archives
Re: Local root through vulnerability in ping on linux.
From: Tymm Twillman <tymm () COE MISSOURI EDU>
Date: Sun, 20 Aug 2000 12:10:31 -0500
just out of curiosity, what makes you think it was ping? (and, following that, that it wasn't a rootkit'd ping, or a local user's file named ping that they managed to get suid'd through alternate routes)? There have been problems with ping in the past but I haven't seen anything lately. and at least RedHat's version of ping, last I looked at it, seemed pretty safe if I remember (although I think you mentioned a kernel bug, which would make it likely not matter). Also there aren't a lot of options you can pass ping, only one where you can really pass a string, and that's only 16 bytes, which would *probably* make it difficult to do anything. and you say it's local which cuts down a bit on the possibilities, assuming a properly configured system... definitely curious to hear if you find any further info on this. Thanks, -Tymm On Sun, 20 Aug 2000, Gerrie wrote:
----- Original Message ----- From: "Ralf-Philipp Weinmann"On Sat, 19 Aug 2000, Gerrie wrote:Again some blackhats have a zeroday exploits in their hands. It's exploits a bug in the linux kernel by using ping, does someone have more info?Does that bug actually allow you to increase your privs or is it DoS only ? What kernel versions are concerned ?No it's a exploit to gain root -all evidence point that way-. We haven't reconstructed the situation -yet- and don't have any trace of the exploit. The only fact there is that they had root, and it was a 2.2.16 kernel. gtx, Gerrie btw: didn't ADM have a zeroday ?
Current thread:
- Local root through vulnerability in ping on linux. Gerrie (Aug 19)
- Re: Local root through vulnerability in ping on linux. Ralf-Philipp Weinmann (Aug 19)
- Re: Local root through vulnerability in ping on linux. Gerrie (Aug 20)
- Re: Local root through vulnerability in ping on linux. Tymm Twillman (Aug 20)
- Re: Local root through vulnerability in ping on linux. Ralf-Philipp Weinmann (Aug 20)
- Re: Local root through vulnerability in ping on linux. Samu (Aug 20)
- Re: Local root through vulnerability in ping on linux. Pedro Hugo (Aug 20)
- Re: Local root through vulnerability in ping on linux. Peter Batenburg (Aug 21)
- Re: Local root through vulnerability in ping on linux. PatrickM (Aug 21)
- Re: Local root through vulnerability in ping on linux. Martin MaD Douda (Aug 21)
- Re: Local root through vulnerability in ping on linux. Gerrie (Aug 20)
- Re: Local root through vulnerability in ping on linux. Ralf-Philipp Weinmann (Aug 19)
- <Possible follow-ups>
- Re: Local root through vulnerability in ping on linux. Goense, Jacob (Aug 20)
- Re: Local root through vulnerability in ping on linux. Joe User (Aug 21)
- Re: Local root through vulnerability in ping on linux. Rodrigo Barbosa (aka morcego) (Aug 21)
- Re: Local root through vulnerability in ping on linux. Joe User (Aug 21)