[Bug 413656] Re: Local root exploit via CVE-2009-2692 (incorrect proto_ops initializations)

2017-10-27 Thread Bug Watch Updater
Launchpad has imported 39 comments from the remote bug at https://bugzilla.redhat.com/show_bug.cgi?id=516949. If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at

2009-08-19 Thread Bremm
Hi everyone, I noticed before the kernel update (15.49) that the sctp and libcrc32 modules were loaded (2.6.28-15-generic) and, AFAIK, SCTP is still experimental. Well, since config.gz isn't available under /proc, could I use /usr/src/linux-headers-2.6.28-15-generic/.config as a reference? Thanks in advance

2009-08-19 Thread Kees Cook
You need to reboot for the kernel to be reloaded. As for config, see /boot/config-$(uname -r) -- Local root exploit via CVE-2009-2692 (incorrect proto_ops initializations) https://bugs.launchpad.net/bugs/413656 You received this bug notification because you are a member of Ubuntu Bugs, which is

2009-08-18 Thread Daniel Marynicz
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2009-2692

2009-08-18 Thread jucs
Why THE HELL is this bug Medium? Every idiot is able to get root privileges within a minute on every Ubuntu system worldwide and you think this is just a medium problem? And why is this hole still gaping wide open, even more than 48 hours after Debian released a fix for the bug?

2009-08-18 Thread Kees Cook
Hi, it's medium because it's local-only, and is not, as you say, an issue for all Ubuntu systems -- only those with a non-default /proc/sys/vm/mmap_min_addr setting. Additionally, there are work-arounds available while the fix is being worked on. Debian was more vulnerable, so they acted more

2009-08-18 Thread jucs
Your statement is false; I've just successfully used the famous exploit ( http://grsecurity.net/~spender/wunderbar_emporium.tgz ) to gain root privileges on a freshly booted Ubuntu 9.04 x86 Live CD.

2009-08-18 Thread jucs
I must apologise: After a little more research I found out that this might actually be connected to some older bug, that is already fixed. I didn't know that this exploit tries out more than one way to break the security ;-) But even given that I don't really change my opinion - I do not have a

2009-08-18 Thread Kees Cook
Correct, the Live CD does not contain an updated kernel for the personality-via-pulse exploit (CVE-2009-1895), fixed in USN-807-1, which allowed mmap_min_addr to be bypassed. Ubuntu systems with Wine installed are most likely to be single-user systems, which helps reduce the number of people in real

2009-08-18 Thread Kees Cook
Released as: http://www.ubuntu.com/usn/usn-819-1

** Changed in: linux (Ubuntu Hardy)
   Status: Triaged => Fix Released
** Changed in: linux (Ubuntu Intrepid)
   Status: Triaged => Fix Released
** Changed in: linux (Ubuntu Jaunty)
   Status: Triaged => Fix Released
** Changed in:

2009-08-18 Thread Kees Cook
** Changed in: linux (Ubuntu Karmic)
   Status: Triaged => Fix Released

2009-08-16 Thread Daniel Marynicz
This patch should be applied to fix this issue. http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98

2009-08-15 Thread Mike Green
From my admittedly limited understanding, mmap_min_addr can be gotten around with suid executables; pulseaudio is used in the published exploits. If this is the case, wouldn't 8.04 and above, unpatched, be exploitable via suid executables, even with mmap_min_addr set above 0?

2009-08-15 Thread Kees Cook
That issue was fixed in the last kernel update (USN-807-1) as CVE-2009-1895.

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1895
** CVE removed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2009-1895

2009-08-14 Thread Kees Cook
Ubuntu 8.04 and later have a default setting of 65536 in /proc/sys/vm/mmap_min_addr. When set, this issue is blocked. If your value is 0, please purge the wine and dosemu packages, and reset the value:

    sudo apt-get purge wine dosemu
    echo 65536 | sudo tee /proc/sys/vm/mmap_min_addr

On Ubuntu

2009-08-14 Thread Bug Watch Updater
** Changed in: linux (Fedora)
   Status: Unknown => Confirmed

2009-08-14 Thread Kees Cook
** Description changed:

Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit: http://seclists.org/fulldisclosure/2009/Aug/0180.html
Patch:

2009-08-14 Thread Mike Green
Not sure about 8.04 and above with mmap_min_addr set to 0 if SELinux is implemented, according to the Mitigation section of the following post: http://seclists.org/fulldisclosure/2009/Aug/0173.html

2009-08-14 Thread Kees Cook
SELinux is not a default on Ubuntu, but if it is enabled, the work-arounds above could be used instead.

** Description changed:

Binary package hint: linux-image-2.6.15-54-server
CVE Candidate is CVE-2009-2692
Exploit: http://seclists.org/fulldisclosure/2009/Aug/0180.html