From: Oliver Welter (mail_at_oliwel.de)
Date: Thu 12 May 2005 - 22:17:09 BST

• Previous message: Bodo Eggert: "Re: [Vserver] Extra root security"
• In reply to: Herbert Poetzl: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"
• Next in thread: Mike Tierney: "RE: [Vserver] ELF Loader Bug exploitable inside a vServer"
• Reply: Mike Tierney: "RE: [Vserver] ELF Loader Bug exploitable inside a vServer"

Hello Herbert,

>>serious problem:
>>I read about the new BufferOverflow in the kernel's ELF Loader - it
>>seems that an unprivileged attacker can start process in the kernels
>>context..
>
> details?
>
> - which issue?
> - what kernels are affected?
> - how does the 'exploit' look like?

I reffered to the Announce on heise
(http://www.heise.de/newsticker/meldung/59498) - I did not any
additional research as I dont have much knowldeg about kernel but this
one here sounds serioius as it might allow loading a compromised
kernel-space programm by simply running an infected binary....

Oliver

-- 
Diese Nachricht wurde digital unterschrieben
oliwel's public key: http://www.oliwel.de/oliwel.crt
Basiszertifikat: http://www.ldv.ei.tum.de/page72

• application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

• Previous message: Bodo Eggert: "Re: [Vserver] Extra root security"
• In reply to: Herbert Poetzl: "Re: [Vserver] ELF Loader Bug exploitable inside a vServer"
• Next in thread: Mike Tierney: "RE: [Vserver] ELF Loader Bug exploitable inside a vServer"
• Reply: Mike Tierney: "RE: [Vserver] ELF Loader Bug exploitable inside a vServer"