from small one page howto to huge articles all in one place
 

search text in:





Poll
Which linux distribution do you use?







poll results

Last additions:
using iotop to find disk usage hogs

using iotop to find disk usage hogs

words:

887

views:

90992

userrating:

average rating: 1.7 (82 votes) (1=very good 6=terrible)


May 25th. 2007:
Words

486

Views

206869

why adblockers are bad


Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

words:

161

views:

88432

userrating:

average rating: 1.3 (28 votes) (1=very good 6=terrible)


April, 26th. 2006:

Druckversion . pdf icon
You are here: System->Security

Not long ago, some people discovered a severe security flaw in older linux kernels when handling core dumps.

Vulnerable Systems:

  • Linux Kernel 2.6.17.4 and prior
  • Linux Kernel 2.6.16.24 and prior

The kernel does not check write permissions when writing a core file.
If an attacker can change into a directory where he/she doesn't has write permissions and makes a specially crafted file produce a corefile, the attacker might gain root access.

A know exploit uses /etc/cron.* to make a cronjob executed by root. Other atack might be possible, too.

To prevent the exploit above, a chmod 750 /etc/cron.* or a chattr -i /etc/cron.dmight prevent this attack.

Options are that you upgrade to the newest kernel as soon as possible or you change the core file name scheme to a absolute path where normal users don't have read/write/execute permission and no program is doing anything with files in this directory.

This vulnerable is criticial, don't delay fixing!

See Also:


rate this article:
current rating: average rating: 1.3 (28 votes) (1=very good 6=terrible)
Your rating:
Very good (1) Good (2) ok (3) average (4) bad (5) terrible (6)

back
Support this site

Please read "Why adblockers are bad".



Other free services
toURL.org
Shorten long
URLs to short
links like
http://tourl.org/2
tourl.org
.
Reverse DNS lookup
Find out which hostname(s)
resolve to a
given IP or other hostnames for the server
www.reversednslookup.org
rdf newsfeed | rss newsfeed | Atom newsfeed
- Powered by LeopardCMS - Running on Gentoo -
Copyright 2004-2013 Sascha Nitsch Unternehmensberatung UG(haftungsbeschränkt)
Valid XHTML1.1 : Valid CSS : buttonmaker
- Level Triple-A Conformance to Web Content Accessibility Guidelines 1.0 -
- Copyright and legal notices -
Time to create this page: 3.6 ms