www.LinuxHowtos.org
Not long ago, some people discovered a severe security flaw in the way older Linux kernels handle core dumps.

Vulnerable Systems:
* Linux Kernel 2.6.17.4 and prior
* Linux Kernel 2.6.16.24 and prior

The kernel does not check write permissions when writing a core file. If an attacker can change into a directory where he/she doesn't have write permission and makes a specially crafted file produce a core file there, the attacker might gain root access.

A known exploit uses /etc/cron.* to get a cron job executed by root. Other attacks might be possible, too.

To block the exploit above, a chmod 750 /etc/cron.* or a chattr +i /etc/cron.d (which sets the immutable flag) might prevent this attack.

Your options are to upgrade to the newest kernel as soon as possible, or to [/Tips%20and%20Tricks/coredump.htm change the core file name scheme] to an absolute path where normal users don't have read/write/execute permission and no program is doing anything with files in this directory.

This vulnerability is critical, don't delay fixing!

See Also:
* [http://www.securiteam.com/exploits/5OP0C0UJ5Y.html Securiteam: Linux Kernel 2.6.x PRCTL Core Dump Handling (Exploit)]
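The checks described above can be scripted. The following is an added example, not part of the original article: it compares the running kernel with the listed version ranges, checks that the /etc/cron.* directories are closed to other users, and checks that the core file name scheme is an absolute path into such a directory. The function names and the --audit switch are this example's own; it assumes only 2.6.x kernels are in scope and that the core file name scheme is read from /proc/sys/kernel/core_pattern.

```shell
#!/bin/sh
# Added audit sketch (not from the article); function names are this example's own.

# True if VERSION is in the ranges the article lists: 2.6.17.4 and prior,
# with the 2.6.16.x series counted only up to 2.6.16.24.
# Assumption: only 2.6.x kernels are considered.
kernel_listed_vulnerable() {
    v=${1%%[!0-9.]*}                      # drop suffixes such as "-generic"
    IFS=. read -r a b c d _rest <<EOF
$v
EOF
    [ "${a:-0}" -eq 2 ] && [ "${b:-0}" -eq 6 ] || return 1
    c=${c:-0}; d=${d:-0}
    [ "$c" -lt 16 ] && return 0
    [ "$c" -eq 16 ] && [ "$d" -le 24 ] && return 0
    [ "$c" -eq 17 ] && [ "$d" -le 4 ] && return 0
    return 1
}

# True if DIR is a directory with no permission bits for "other",
# which is what chmod 750 gives (unprivileged users cannot chdir into it).
dir_closed_to_others() {
    case $(ls -ld "$1" 2>/dev/null) in
        d??????---*) return 0 ;;
        *) return 1 ;;
    esac
}

# True if PATTERN is an absolute path whose directory is closed to others.
core_pattern_ok() {
    case $1 in
        /*) dir_closed_to_others "$(dirname "$1")" ;;
        *) return 1 ;;
    esac
}

# Print one WARN line per failed check on the local system.
audit() {
    kernel_listed_vulnerable "$(uname -r)" && echo "WARN: kernel $(uname -r) is in the listed range"
    for dir in /etc/cron.*; do
        [ -d "$dir" ] || continue
        dir_closed_to_others "$dir" || echo "WARN: $dir is accessible to other users"
    done
    core_pattern_ok "$(cat /proc/sys/kernel/core_pattern 2>/dev/null)" ||
        echo "WARN: core_pattern is not an absolute path into a closed directory"
    return 0
}

if [ "${1:-}" = "--audit" ]; then audit; fi
```

Run it with --audit on the machine to be checked; no output means none of the three checks failed.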