From: "Thomas Frase" <thomas.frase@herr-der-mails.de>
To: <linux-kernel@vger.kernel.org>
Subject: root shell exploit still working in kernel 2.4.21
Date: Fri, 20 Jun 2003 16:29:59 +0200
Message-ID: <004d01c33738$7031e440$0200a8c0@brainbug>
hello!
the problem:
i tried an exploit (url given below) with debian woody kernel 2.4.18
and self compiled kernel 2.4.21 resulting in a root shell.
exploit code url: (found via google)
http://isec.pl/cliph/isec-ptrace-kmod-exploit.c
as described in the source the exploit uses the well known ptrace bug
which i thought was fixed in kernel 2.4.21.
i don't know why it still works or how to fix it. i told some people
in #debian.de (quakenet) about the results of the exploit and they
asked me to post a bug report here.
greetings
thomas f.
(germany)
Kernel 2.4.21 infos:
Output from ver_linux:
-------------------------------------------------
Linux xXxXx 2.4.21 #1 SMP Fri Jun 20 14:25:09 CEST 2003 i686 unknown
Gnu C 2.95.4
Gnu make 3.80
util-linux 2.11z
mount 2.11z
modutils 2.4.21
e2fsprogs 1.27
PPP 2.4.1
Linux C Library 2.3.1
Dynamic linker (ldd) 2.3.1
Procps 3.1.9
Net-tools 1.60
Console-tools 0.2.3
Sh-utils 2.0.11
Modules Loaded
-------------------------------------------------
Output from /proc/version:
-------------------------------------------------
Linux version 2.4.21 (root@xXxXx) (gcc version 2.95.4 20011002 (Debian
prerelease)) #1 SMP Fri Jun 20 14:25:09 CEST 2003
-------------------------------------------------