[Tfug] Kernel Exploit NOT Debian-specific
Angus Scott-Fleming
angussf at geoapps.com
Mon Dec 1 15:58:48 MST 2003
Lots of folks here running Debian ... and other distros ...
Developers: Kernel Exploit Cause Of Debian Compromise
Posted by simoniker on 14:40 Monday 01 December 2003
from the slightly-disturbing dept.
mbanck writes "The cause of the recent Debian Project
server compromise has been published by the Debian
security team: 'Forensics revealed a burneye encrypted
exploit. Robert van der Meulen managed to decrypt the
binary which revealed a kernel exploit. Study of the
exploit by the RedHat and SuSE kernel and security teams
quickly revealed that the exploit used an integer
overflow in the brk system call. Using this bug it is
possible for a userland program to trick the kernel into
giving access to the full kernel address space'. This
issue has been fixed in 2.4.23. Thus, the Linux kernel
compromise was not Debian specific."
http://developers.slashdot.org/article.pl?sid=03/12/01/2133249
--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
http://www.geoapps.com/
---------------------------------------------------------
More information about the tfug
mailing list