ptrace kernel flaw
elaine at fwsystems.com
Wed Mar 19 12:19:22 GMT 2003
As most lunar users are probably aware, a local-root vulnerability in
all kernels from 2.2 to 2.4.20 was announced on lkml this week.
An exploit was posted to lkml this morning, not surprising, as it's
not a difficult issue to exploit.
Because non-root exploits are common, and because many apache scripting
applications (PHP etc) allow a remote user to give untrusted data to
a local shell the likelihood that there some systems could be vulnerable
to remote attack is moderatly high.
Also, there may be non-root remote exploits that attackers have
developed and are holding in reserve for appearance of a local privilege
At this time, 2 of lunar's supported kernel flavors have been patched.
If your system may be vulnerable you should be able to use either
linux-stable or linux-grsec(niki's addition of gr-sec to dem's patchset
have been patched to fix this flaw.
More information about the Lunar