Bugtraq mailing list archives
Re: local root on linux 2.2.15
From: cadence () APOLLO ACI COM PL (Tomasz Grabowski)
Date: Thu, 8 Jun 2000 21:54:51 +0200
I did not discover this bug, I only extrapolated from the small info I had: 'it has to do with capsuid' 'sendmail is vulnerable, crond is not'. Some reading of the kernel source then suggested the above to me, which has been confirmed by a more knowledgeable source.
Crontab IS vulnerable, but it will only give you egid=0 (at least at RedHat 5.1 with 2.2.12 kernel).
Current thread:
- local root on linux 2.2.15 Peter van Dijk (Jun 07)
- Mcafee Alerting DOS vulnerability Harry Schmilllson (Jun 07)
- Re: local root on linux 2.2.15 Wojciech Purczynski (Jun 08)
- Re: local root on linux 2.2.15 Tomasz Grabowski (Jun 08)
- Re: local root on linux 2.2.15 Philip Guenther (Jun 08)
- Re: local root on linux 2.2.15 Wojciech Purczynski (Jun 12)
- Re: local root on linux 2.2.15 Jeff Dafoe (Jun 14)
- Re: local root on linux 2.2.15 Wojciech Purczynski (Jun 14)
- MS-040 'proof of concept' code Renaud Deraison (Jun 13)
- <Possible follow-ups>
- Re: local root on linux 2.2.15 Tollef Fog Heen (Jun 11)
- Re: local root on linux 2.2.15 Peter da Silva (Jun 15)
- Re: local root on linux 2.2.15 Firstname Lastname (Jun 15)
- Re: local root on linux 2.2.15 Robert Watson (Jun 18)
- Re: local root on linux 2.2.15 Peter da Silva (Jun 15)