Full Disclosure mailing list archives
Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround
From: lars brun nielsen <lbn () carbon14 dk>
Date: Thu, 13 Jul 2006 09:09:38 +0200
hi, setting 750 on /etc/cron.* would stop this exploit /lars
if ( !( child = fork() )) { chdir("/etc/cron.d"); prctl(PR_SET_DUMPABLE, 2); sleep(200); exit(1);
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Roman Medina-Heigl Hernandez (Jul 11)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Ariel Biener (Jul 12)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) Ariel Biener (Jul 12)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround lars brun nielsen (Jul 13)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround Matthew Murphy (Jul 13)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround Michal Zalewski (Jul 13)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround Matthew Murphy (Jul 13)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround PERFECT . MATERIAL (Jul 13)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround Kyle Lutze (Jul 13)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround Jon Hart (Jul 14)
- Re: Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround Matthew Murphy (Jul 13)