Bugtraq
mailing list archives
Re: Linux kernel sysctl() vulnerability
From: Aleksander Kamil Modzelewski <noir () VORTEX EFEKT PL>
Date: Sat, 10 Feb 2001 22:18:31 +0100
On Sat, Feb 10, 2001 at 10:28:01AM +0100, Florian Weimer wrote:
There exists a Linux system call sysctl() which is used to query and
modify runtime system settings. Unprivileged users are permitted to query
the value of many of these settings.
It appears that all current Linux kernel versions (2.2.x and 2.4.x) are
vulnerable. Right?
But not in Alan Cox's version.
In 2.4.1-ac4:
    /* The generic string strategy routine: */
    int sysctl_string(ctl_table *table, int *name, int nlen,
                      void *oldval, size_t *oldlenp,
                      void *newval, size_t newlen, void **context)
    {
            size_t l, len;
Another thing is that it shows that someone already noticed the
problem :/
Greets
Aleksander Kamil Modzelewski
ps. This is my first posting. Hope I did not make a false start :)
pps. OK, I did, but this is a long story :)
--
/==]n0iR[==++++.__ /\
| noir () efekt pl `\ BOFH excuse #89: Electromagnetic energy loss `|
+ BOFH #1 of #radom `\ |
|\ UIN: #89507110 `\ |
\--\~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~/'