[tech] isec-ptrace-kmod-exploit
Grahame Bowland
grahame at angrygoats.net
Fri Jun 6 11:16:13 WST 2003
On Fri, 2003-06-06 at 10:41, Davyd wrote:
> This seems twisted and wrong.
>
> I have a system patched against this exploit (2.4.21-rc7-ac1). However,
> it only protects against versions of the exploit I compiled after I
> started running a patched kernel.
> Any version I compiled before I had a patched kernel still works on my
> system, and still gives me root.
> However, a version copied from another machine, compiled before the
> patch, won't give me root (this implies that we should be safe).
>
> Can anyone explain this?
I'm guessing you forgot to remove the SUID bit from the pre-compiled
version before you ran it on the patched system. AFAIK that exploit just
sets the suid bit on itself.
More information about the tech
mailing list