From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Fri, 14 Jul 2006 01:12:34 +0400 From: "Dmitry V. Levin" To: ALT Linux sysadmin discuss Message-ID: <20060713211234.GA22292@basalt.office.altlinux.org> References: <20060713094416.GQ26570@osdn.org.ua> <20060713095034.GA23205@immo.ru> <20060713104810.GA27955@basalt.office.altlinux.org> <20060713210133.GA26570@osdn.org.ua> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline In-Reply-To: <20060713210133.GA26570@osdn.org.ua> X-fingerprint: FE4C 93AB E19A 2E4C CB5D 3E4E 7CAB E6AC 9E35 361E Subject: Re: [Sysadmins] Fwd: Linux Kernel 2.6.x PRCTL Core Dump Handling - Local r00t Exploit ( BID 18874 / CVE-2006-2451 ) X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.7 Precedence: list Reply-To: ALT Linux sysadmin discuss List-Id: ALT Linux sysadmin discuss List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Jul 2006 21:12:38 -0000 Archived-At: List-Archive: --NzB8fVQJ5HfG6fxh Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 14, 2006 at 12:01:33AM +0300, Michael Shigorin wrote: > On Thu, Jul 13, 2006 at 02:48:10PM +0400, Dmitry V. Levin wrote: > > > > =EE=C1=D0=CF=CD=C9=CE=C1=C0 =D4=C5=CD, =D5 =CB=CF=C7=CF linux-2.6 = =CE=C1 =D3=C5=D2=D7=C5=D2=C1=C8, =DE=D4=CF =D7 2.6.13 > > > > =C4=CF 2.6.17.4 =C9=CC=C9 2.6.16.24 =CD=CF=D6=C5=D4 =C2=D9=D4=D8 = =CE=C5=DA=C1=D4=CB=CE=D5=D4 local root =C9 > > > > =DC=CB=D3=D0=CC=CF=CA=D4 =D5=D6=C5 =CF=D0=D5=C2=CC=C9=CB=CF=D7=C1= =CE. > > > > chdir("/etc/cron.d"); > > > =F7=CF=D4 =D4=D5=D4 =CF=CE=CF =C2=CC=C1=C7=CF=D0=CF=CC=D5=DE=CE=CF = =C8=D7=C1=D4=C1=C5=D4 -EPERM =C9 =CF=D4=D7=C1=CC=C9=D7=C1=C5=C3=C3=CF. > > =F5 =CB=C1=D4=C1=CC=CF=C7=CF=D7 /etc/cron.d =C9 /etc/cron.*ly =D0=D2=C1= =D7=C1 =C4=CF=D3=D4=D5=D0=C1 0750 =CB=C1=CB > > =CD=C9=CE=C9=CD=D5=CD =D3=CF =D7=D2=C5=CD=A3=CE ALM20; =D1 =CB=C1=CB = =D7 =D7=CF=C4=D5 =C7=CC=D1=C4=C5=CC. :) >=20 > =ED=CF=C7=D5 =D3=CC=CF=CD=C1=D4=D8 =C9=C8 =C4=CF =D3=CF=D3=D4=CF=D1=CE=C9= =D1 =FA=C1=DD=C9=DD=A3=CE=CE=CF=C7=CF =F2=C8=C5=CC=C1 =C9 =C5=DD=A3 =D2=C1= =DA > =D0=CF=D0=D2=CF=C2=CF=D7=C1=D4=D8, =D4=CF=CC=D8=CB=CF =D4=CF=C7=C4=C1 =CE= =C1=C4=CF core->/dev/null =CF=D0=D1=D4=D8 =D5=C2=C9=D2=C1=D4=D8... > =C1 =CF=CE=CF =CB=C1=CB-=D4=CF =C9 =CC=C5=CE=C9=D7=CF ;-) =F1 =CE=C5 =D0=CF=CE=D1=CC, =CF =DE=A3=CD =DC=D4=CF =D4=D9? Exploit =CE=C5= =D2=C1=C2=CF=D4=C1=C5=D4 =C2=CC=C1=C7=CF=C4=C1=D2=D1 =D0=D2=C9=CE=D1=D4=D9= =CD =CD=C5=D2=C1=CD =D0=D2=C5=C4=CF=D3=D4=CF=D2=CF=D6=CE=CF=D3=D4=C9, =DE=D4=CF =CE=C5 =CF=D3= =D7=CF=C2=CF=D6=C4=C1=C5=D4 =CF=D4 =CE=C5=CF=C2=C8=CF=C4=C9=CD=CF=D3=D4=C9 = =CF=C2=CE=CF=D7=C9=D4=D8 =D1=C4=D2=CF =C9=DA =F3=C9=DA=C9=C6=C1. > =E4=C9=CD, =CD=CF=D6=C5=D4, =D4=C5=C2=C5 =CE=C1=D0=CF=CD=C9=CE=C1=CC=CB= =D5 =D0=CF=D7=C5=D3=C9=D4=D8 =D0=D2=CF =DC=D4=D5 =CE=C1=D3=D4=D2=CF=CA=CB= =D5 =C8=CF=D4=D1 =C2=D9 > =D7 =DA=C1=D2=C5=CD=C1=D2=C5=CE=CE=CF=CD =D7=C9=C4=C5 =D7 sysctl.conf? =F0=CF=D7=C5=D3=D8, =C5=D3=CC=C9 =CE=C5 =D4=D2=D5=C4=CE=CF. =EB=CF=D2=CB= =C9 =CE=C1 =D3=C5=D2=D7=C5=D2=C5 =CE=C5 =CE=D5=D6=CE=D9. --=20 ldv --NzB8fVQJ5HfG6fxh Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEtrdCfKvmrJ41Nh4RAvUPAJ4uoQqcS1zkqqKLZXa38j90bby7ggCdGOpy NO3tcJCzL2SPUu1Yp0o2T6w= =Nhcc -----END PGP SIGNATURE----- --NzB8fVQJ5HfG6fxh--