[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] suse 8.1 : ptrace exploit still working fine!?



On Sun, Nov 30, 2003 at 12:48:23AM +0100, Olivier M. wrote:
> Well... I thought that ptrace problem has been fixed... ? 
> (in suse 8.2 it's fine, the exploit is not working)

Conclusion: after a reboot:

om@box:~/tmp2> ./ptrace 
[*] PID of Parent: 23839
[*] PID of Child: 23840
[*] Attaching to PID 23841
Killed

So the system was uptodate and correctely patched all the time,
but the "problem" was just the uptime of 103 days. Server should 
have been rebooted to activate the protection, which is indeed pretty
logical in case of kernel upgrade   (openssh update : restart
ssh service, kernel update: restart server). 

Thanks to all for the great support & advices and sorry 
for all that noise. At least we won't make the same mistake
again later :)

Something is still strange: the ptrace exploit appeared 
around March/April 2003, and the fixed (suse-)kernel for 8.1 
only in August ?  

Regards,
Olivier

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here