Kernel fchown() exploit status?

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* Kernel fchown() exploit status?
@ 2004-07-08 21:06 Chris White
  2004-07-08 21:54 ` Manuel Arostegui Ramirez
  2004-07-08 23:24 ` Chris Wright
  0 siblings, 2 replies; 6+ messages in thread
From: Chris White @ 2004-07-08 21:06 UTC (permalink / raw)
  To: linux-kernel

There was a recent security announcment regarding a vulnerability with 
the fchown function.

Only a few distrobutions (red hat/suse) have fixed the issue, but I've 
yet to see a general patch for it.

Information regarding the issue is here:

http://xforce.iss.net/xforce/xfdb/16599

I searched around the archive databases, but did not come up with it 
(unless I skipped over something accidentaly)

Thank you for your time and appologies if this is a duplicate.

-----------------
Chris White

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Kernel fchown() exploit status?
  2004-07-08 21:06 Kernel fchown() exploit status? Chris White
@ 2004-07-08 21:54 ` Manuel Arostegui Ramirez
  2004-07-08 23:24 ` Chris Wright
  1 sibling, 0 replies; 6+ messages in thread
From: Manuel Arostegui Ramirez @ 2004-07-08 21:54 UTC (permalink / raw)
  To: Chris White, linux-kernel

El Jueves 08 Julio 2004 23:06, Chris White escribió:
> There was a recent security announcment regarding a vulnerability with
> the fchown function.
>
> Only a few distrobutions (red hat/suse) have fixed the issue, but I've
> yet to see a general patch for it.
>
> Information regarding the issue is here:
>
> http://xforce.iss.net/xforce/xfdb/16599
>
> I searched around the archive databases, but did not come up with it
> (unless I skipped over something accidentaly)
>
> Thank you for your time and appologies if this is a duplicate.
>
> -----------------
> Chris White

Thanks for the patch, I haven't read about it before.

-- 
Manuel Arostegui Ramirez #Linux Registered User 200896


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Kernel fchown() exploit status?
  2004-07-08 21:06 Kernel fchown() exploit status? Chris White
  2004-07-08 21:54 ` Manuel Arostegui Ramirez
@ 2004-07-08 23:24 ` Chris Wright
  2004-07-09  9:46   ` Michael Buesch
  1 sibling, 1 reply; 6+ messages in thread
From: Chris Wright @ 2004-07-08 23:24 UTC (permalink / raw)
  To: Chris White; +Cc: linux-kernel

* Chris White (webmaster@securesystem.info) wrote:
> There was a recent security announcment regarding a vulnerability with 
> the fchown function.
> 
> Only a few distrobutions (red hat/suse) have fixed the issue, but I've 
> yet to see a general patch for it.

Patches are in both 2.4 and 2.6 bk trees.  2.4.27-rc3 has this fixed.
There hasn't been a 2.6.8-rc release since the patches went in to 2.6

For 2.4 see these patches:
http://linux.bkbits.net:8080/linux-2.4/cset@40e725f8sMbNK6BEQmRi5fWfux8l8A
http://linux.bkbits.net:8080/linux-2.4/cset@40e733598ODR85iS5HRft0zJTnDCHA

For 2.6 see these patches:
http://linux.bkbits.net:8080/linux-2.6/cset@40e62e18vom8K1fHgbJfe1oQ6mdkkQ
http://linux.bkbits.net:8080/linux-2.6/cset@40e6158bme9avS6IqahBN0wa9zx7LQ

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Kernel fchown() exploit status?
  2004-07-08 23:24 ` Chris Wright
@ 2004-07-09  9:46   ` Michael Buesch
  2004-07-09 10:02     ` Manuel Arostegui Ramirez
  2004-07-09 18:17     ` Chris Wright
  0 siblings, 2 replies; 6+ messages in thread
From: Michael Buesch @ 2004-07-09  9:46 UTC (permalink / raw)
  To: Chris Wright; +Cc: Chris White, linux-kernel

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Quoting Chris Wright <chrisw@osdl.org>:
> * Chris White (webmaster@securesystem.info) wrote:
> > There was a recent security announcment regarding a vulnerability with 
> > the fchown function.
> > 
> > Only a few distrobutions (red hat/suse) have fixed the issue, but I've 
> > yet to see a general patch for it.
> 
> Patches are in both 2.4 and 2.6 bk trees.  2.4.27-rc3 has this fixed.
> There hasn't been a 2.6.8-rc release since the patches went in to 2.6

Is there an exploit available to test if the kernel has
this vulnerability?

- -- 
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA7ml2FGK1OIvVOP4RAtU7AKCX9p7P389fBEfb1uY0q0VEgKYYfACgjY3x
X4nZPpoLbFJVpRwQOtKCbOk=
=E2bp
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Kernel fchown() exploit status?
  2004-07-09  9:46   ` Michael Buesch
@ 2004-07-09 10:02     ` Manuel Arostegui Ramirez
  2004-07-09 18:17     ` Chris Wright
  1 sibling, 0 replies; 6+ messages in thread
From: Manuel Arostegui Ramirez @ 2004-07-09 10:02 UTC (permalink / raw)
  To: Michael Buesch, Chris Wright, linux-kernel; +Cc: Chris White

El Viernes 09 Julio 2004 11:46, Michael Buesch escribió:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Quoting Chris Wright <chrisw@osdl.org>:
> > * Chris White (webmaster@securesystem.info) wrote:
> > > There was a recent security announcment regarding a vulnerability with
> > > the fchown function.
> > >
> > > Only a few distrobutions (red hat/suse) have fixed the issue, but I've
> > > yet to see a general patch for it.
> >
> > Patches are in both 2.4 and 2.6 bk trees.  2.4.27-rc3 has this fixed.
> > There hasn't been a 2.6.8-rc release since the patches went in to 2.6
>
> Is there an exploit available to test if the kernel has
> this vulnerability?

Look at this:
http://www.securityfocus.com/bid/10662/exploit/
It says that it's not exploit requiered to exploit this bug.

Any ideas,  Chris White?

Cheers

 
-- 
Manuel Arostegui Ramirez #Linux Registered User 200896


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Kernel fchown() exploit status?
  2004-07-09  9:46   ` Michael Buesch
  2004-07-09 10:02     ` Manuel Arostegui Ramirez
@ 2004-07-09 18:17     ` Chris Wright
  1 sibling, 0 replies; 6+ messages in thread
From: Chris Wright @ 2004-07-09 18:17 UTC (permalink / raw)
  To: Michael Buesch; +Cc: Chris Wright, Chris White, manuel, linux-kernel

* Michael Buesch (mbuesch@freenet.de) wrote:
> Is there an exploit available to test if the kernel has
> this vulnerability?

Just use of chown(2).

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2004-07-09 18:17 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-07-08 21:06 Kernel fchown() exploit status? Chris White
2004-07-08 21:54 ` Manuel Arostegui Ramirez
2004-07-08 23:24 ` Chris Wright
2004-07-09  9:46   ` Michael Buesch
2004-07-09 10:02     ` Manuel Arostegui Ramirez
2004-07-09 18:17     ` Chris Wright

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox