Re: [DSA 1494-1] Still vulnerable?
* Florian Weimer <fw@deneb.enyo.de> wrote:
> * Jens Schüßler:
>
> > I just upgraded my linux-source-2.6.18 to 2.6.18.dfsg.1-18etch1_all and
> > build a new linux-image. But after installing an rebooting I still was
> > able to become root with this exploit:
> > http://milw0rm.com/exploits/5092
> >
> > Can anyone reproduce this?
>
> Not in our tests. Are you sure you're running the new kernel? What
> does "uname -a" say?
$uname -a
Linux algol 2.6.18+2008-02-12 #1 Tue Feb 12 16:49:10 CET 2008 i686 GNU/Linux
As I said, fresh compiled from the new sources-Packet
horst@algol:~$ tmp/splice_ex
-----------------------------------
Linux vmsplice Local Root Exploit
By qaaz
-----------------------------------
[+] mmap: 0x0 .. 0x1000
[+] page: 0x0
[+] page: 0x20
[+] mmap: 0x4000 .. 0x5000
[+] page: 0x4000
[+] page: 0x4020
[+] mmap: 0x1000 .. 0x2000
[+] page: 0x1000
[+] mmap: 0xb7d92000 .. 0xb7dc4000
[+] root
root@algol:~#
??
>
> Has this machine been upgraded from sarge? Then you need to edit
> /etc/kernel-img.conf to adjust the path to update-grub (or just use
> "update-grub" without path).
update-grub runs normal, this postinstall line is there for long time.
Greets
Jens
Reply to: