Home page logo

bugtraq logo Bugtraq mailing list archives

Re: [ MDKSA-2006:116 ] - Updated kernel packages fixes multiple vulnerabilities
From: Paul Starzetz <paul () starzetz de>
Date: Thu, 06 Jul 2006 13:13:20 +0200

security () mandriva com wrote:

Prior to 2.6.15, the auto-reap child processes included processes with
ptrace attached, leading to a dangling ptrace reference and allowing
local users to cause a Denial of Service (crash) (CVE-2005-3784).
This information is not fully correct - CVE-2005-3784 leads to an IMMEDIATE root compromise of vulnerable machines. But I'm not going to provide a PoC :-]

with best regards

Paul Starzetz

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]