[WBEL-users] Kernel exploit currently on slashdot does not appear
to be a threat
Henry Stilmack
h.stilmack@jach.hawaii.edu
Fri, 07 Jan 2005 15:42:28 -1000
Dean Troyer wrote:
> On Fri, 7 Jan 2005 16:49:42 -0600 (CST), John Morris <jmorris@beau.org> wrote:
>
>>Just compiled the example exploit code featured in a slashdot headline
>>today and it does not appear to be able to produce a root shell on WBEL3.
>>Since RHEL3 should also be safe there probably won't be an errata.
>
>
> I'll confirm this on WBEL kernels 2.4.21-15.EL and 2.4.21-20.EL, also
> on RHEL 2.4.21-4.0.1.ELsmp and 2.4.21-9.EL.
>
> FWIW, 2.4.9-e.24 and 2.4.9-e.43 on RHEL 2.1AS are stack faulting in
> VMware and crashing the VM.
>
>
>
I can't get a root shell on the 2.4.21-20.EL kernel. It took about 15
tries to get the exploit code to work on a RH9 system (2.4.20-31.9), but
I gave up after 30 tries on my WBEL system.
--
Henry Stilmack, CISSP <h.stilmack@jach.Hawaii.Edu> Systems Administrator
UK/Canada/Netherlands Joint Astronomy Centre Tel: +1 808-969-6530
660 N. A'ohoku Place, Hilo, HI 96720 Fax: +1 808-961-6516
PGP key: ID = 05AE83F1 Signature = 53FDAAA963766CCB 47B067F154DC0B92