From: Luís Miguel Silva (lms_at_ispgaya.pt)
Date: Mon 24 Mar 2003 - 17:21:23 GMT
I should have given the url to a working exploit on my original post.
So, here it is:
http://august.v-lo.krakow.pl/~anszom/km3.c
-----Mensagem original-----
De: Cedric Veilleux [mailto:cedric_at_neopeak.com]
Enviada: segunda-feira, 24 de Março de 2003 1:20
Para: vserver_at_solucorp.qc.ca; Luís Miguel Silva
Assunto: Re: [vserver] Linux kmod/ptrace bug!
I applied the ptrace patch on top of vanilla kernel, then the ctx16 patch
and
then the ctx16-1 patch. The kernel compiled fine and I am using it right
now.
All patches applied without rejects. I haven't tested if it is still
vulnerable to that ptrace exploit simply because I don't know how this hole
is exploited.
Cedric
Le 24 Mars 2003 10:45, Luís Miguel Silva a écrit :
> Hello everybody,
>
> I've been busy the last couple of days so i just cut off any local access
> on my servers because of the latest kernel bug. >:o)
>
> Has anybody patched (or as a working patch) against the vanilla + vserver
> patched kernel?
>
> I havent tried to patch it (yeat) but it will *probably* work out on a lot
> of errors.
>
> I also couldnt find any official patch, just this one:
> http://www.hardrock.org/kernel/2.4.20/linux-2.4.20-ptrace.patch (is it
> official?)
>
> Either way, as anybody patched the 2.4.20 kernel successfully with the
> vserver patch included?
>
> Regards,
> +-----------------------------------------
>
> | Luís Miguel Silva
> | Network Administrator@ ISPGaya.pt
> | Rua António Rodrigues da Rocha, 291/341
> | Sto. Ovídio • 4400-025 V. N. de Gaia
> | Portugal
> | T: +351 22 3745730/3/5 F: +351 22 3745738
> | G: +351 93 6371253 E: lms_at_ispgaya.pt
> | H: http://lms.ispgaya.pt/
>
> +-----------------------------------------