ProServe - Peter Batenburg wrote: > > Hi Jeff, > > I have to correct you there. It is a new bug, and not an old one. openwall > is one of the best kernel dev. group when it comes to security. And this > has only been released today.
From: http://www.kb.cert.org/vuls/id/176888 Date Public 03/26/2001 Date First Published 07/18/2001 02:59:17 PM Date Last Updated 07/24/2001 CERT Advisory CVE Name CVE-2001-0317 Metric 9.70 Document Revision 25 This vulnerability exploits a race condition that allows an attacker to use ptrace, or similar function (procfs), to attach to and, thus, modify a running setuid process. This enables the attacker to execute arbitratry code with elevated (root) privilege. Starting to sound familiar? > Peter Batenburg HTH, HAND. Rev. wRy -- Remember, the best magic tricks are always the ones that other people will hurt themselves trying to do. That, to me, is the real magic. - Rev. Syd Midnight _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
