Full Disclosure mailing list archives

Re: Linux kernel uselib() privilege elevation, corrected


From: Gaz Wilson <dragon () dragons org uk>
Date: Tue, 11 Jan 2005 16:07:21 +0000 (GMT)

On Tue, 11 Jan 2005, Athanasius wrote:

> On Tue, Jan 11, 2005 at 07:56:32AM +0000, Marcy Darcy wrote:
>> I'm running a small server with the 2.6.10 kernel.
>>
>> The exploit doesn't seem to be working on this kernel. Is there a way
>> to make sure the system is vulnerable or not?
>
>   I couldn't get the exploit to work for 2.6.10 either.  First there's
> changing a struct in it to user_desc to make it compile, then it just
> SEGVs all the time here.

I get it compiled and running on 2.6.8, but it doesn't do anything, other
than hog all available CPU for about 10-15 minutes followed by:

[-] FAILED: try again (-f switch) and again (Cannot allocate memory)
Killed

The same thing happens with the -f switch, except the process gets stopped
(SIGSTOP) instead of killed after the allotted time.

-- 
   /           Gary Wilson, aka dragon/dragonlord/dragonv480            \
 .'(_.------.  e: dragon () northernscum org uk MSN: dragonv480   .------._)`.
<   _       |  Skype:dragonv480 ICQ:342070475 AIM:dragonv480   |       _   >
 `.( `------'     w: http://volvo480.northernscum.org.uk       `------' ).'
   \                w: http://www.northernscum.org.uk                   /
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

