Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[Full-disclosure] Linux Kernel 2.6.x PRCTL Core Dump Handling - simple workaround
From: PERFECT.MATERIAL (perfect.materialgmail.com)
Date: Thu Jul 13 2006 - 18:55:10 CDT
Matt Murphy write:
>If you actually bothered to read ANY of the vendor advisories on this
>issue, you'd know why. The vulnerability exists because the kernel
>DOES NOT VERIFY write permissions to core dump directories. If your
>users actually have write permissions to /etc/cron.d, do the world a
>favor and disconnect from the internet as soon as humanly possible.
I think the nigger is calling the kettle a junglebunny here. Do you know
how CHDIR(2) works Matthew Murphy? Try to CHDIR(2) into a directory to
which you do not have execute privileges!!!
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/