unsubscribe
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
If you compiled and ran the resulting binary before
upgrading your kernel, the isec-ptrace-kmod-exploit
binary may already be set[ug]id, which is a side
effect of running it. Make sure it's not +s and/or
g+s, or better yet just remove it and recompile it.
--- LeVA <[EMAIL PROTECTED]> wrote:
> Hell
On Fri, Mar 21, 2003 at 02:41:44AM +, Dale Amon wrote:
> chkrootkit finds this file:
>
> Searching for suspicious files and dirs, it may take a while...
> /usr/lib/tiger/bin/.bintype
>
> which appears to be quite old. Is this just a leftover
> from a long ago tiger? It only contains "Linux 2
On Sat, 22 Mar 2003, Eduardo Rocha Costa wrote:
> Thanks for the advice, shorewall is very good... only 4 hours and I make
> the configuration !!
Hi, if you want to improve your firewall and security, just see
http://www.netfilter.org
--
Mauricio Alejandro Araya Lopez* User #24939
If you compiled and ran the resulting binary before
upgrading your kernel, the isec-ptrace-kmod-exploit
binary may already be set[ug]id, which is a side
effect of running it. Make sure it's not +s and/or
g+s, or better yet just remove it and recompile it.
--- LeVA <[EMAIL PROTECTED]> wrote:
> Hell
On Fri, Mar 21, 2003 at 02:41:44AM +, Dale Amon wrote:
> chkrootkit finds this file:
>
> Searching for suspicious files and dirs, it may take a while...
> /usr/lib/tiger/bin/.bintype
>
> which appears to be quite old. Is this just a leftover
> from a long ago tiger? It only contains "Linux 2
Hello!
Thanks, that was the problem. The patch works fine.
Ed McMan wrote:
Saturday, March 22, 2003, 8:26:44 PM, debian-security@lists.debian.org
(debian-security) wrote:
LeVA> So it droped me a root shell. Well it is not good I think, after the
LeVA> patch...
People have been saying that
On Sat, 22 Mar 2003, Eduardo Rocha Costa wrote:
> Thanks for the advice, shorewall is very good... only 4 hours and I make
> the configuration !!
Hi, if you want to improve your firewall and security, just see
http://www.netfilter.org
--
Mauricio Alejandro Araya Lopez* User #24939
Hello!
Thanks, that was the problem. The patch works fine.
Ed McMan wrote:
Saturday, March 22, 2003, 8:26:44 PM, [EMAIL PROTECTED] (debian-security) wrote:
LeVA> So it droped me a root shell. Well it is not good I think, after the
LeVA> patch...
People have been saying that one of the exploits
On Saturday 22 Mar 2003 6:36 am, Martin Schulze wrote:
> Nick Boyce wrote :
>
> > I get a bad signature reported by Kmail on this announcement.
> > Saving the message out to a text file and verifying manually also
> > fails :
>
> Ditch KMail, it is a permanent source of problems when it comes to
On Sat, Mar 22, 2003 at 10:58:24AM -0800, Jon wrote:
> On Sat, 2003-03-22 at 04:43, Markus Kolb wrote:
> > Jon wrote:
> >
> > [...]
> >
> > >>
> > >>Linux kmod + ptrace local root exploit by <[EMAIL PROTECTED]>
> > >>
> > >>=> Simple mode, executing /usr/bin/id > /dev/tty
> > >>sizeof(shellcode)=
On Saturday 22 Mar 2003 6:36 am, Martin Schulze wrote:
> Nick Boyce wrote :
>
> > I get a bad signature reported by Kmail on this announcement.
> > Saving the message out to a text file and verifying manually also
> > fails :
>
> Ditch KMail, it is a permanent source of problems when it comes to
On Sat, Mar 22, 2003 at 10:58:24AM -0800, Jon wrote:
> On Sat, 2003-03-22 at 04:43, Markus Kolb wrote:
> > Jon wrote:
> >
> > [...]
> >
> > >>
> > >>Linux kmod + ptrace local root exploit by <[EMAIL PROTECTED]>
> > >>
> > >>=> Simple mode, executing /usr/bin/id > /dev/tty
> > >>sizeof(shellcode)=
Le Sunday 23 March 2003 05:01, Guille -bisho- a écrit :
> >Thus no problem, the patch functions ,-)
> >
> >But so now I launch the same exploit but to compile and use before
> > levelling of the kernel :
> >
> >[EMAIL PROTECTED]:~/ptrace$ ./ptrace-before-compiling
> >[EMAIL PROTECTED]:~/ptrace# id
On Saturday, 2003-03-22 at 12:01:13 -0600, Hanasaki JiJi wrote:
> Would you share your opinions on the following setup for daemons?
> firewall runs
> whois server - gwhois or jwhois?
No services on the firewall. Put that on a machine in the DMZ.
> iptables - firewall
... because it
Le Sunday 23 March 2003 05:01, Guille -bisho- a écrit :
> >Thus no problem, the patch functions ,-)
> >
> >But so now I launch the same exploit but to compile and use before
> > levelling of the kernel :
> >
> >[EMAIL PROTECTED]:~/ptrace$ ./ptrace-before-compiling
> >[EMAIL PROTECTED]:~/ptrace# id
On Saturday, 2003-03-22 at 12:01:13 -0600, Hanasaki JiJi wrote:
> Would you share your opinions on the following setup for daemons?
> firewall runs
> whois server - gwhois or jwhois?
No services on the firewall. Put that on a machine in the DMZ.
> iptables - firewall
... because it
17 matches
Mail list logo