Re: [suse-security] ulimit -v workaround for the do_brk() bug does not work

From: Erik Hensema (erikhensema.net)
Date: Thu Dec 04 2003 - 03:55:42 CST


On Wed, Dec 03, 2003 at 05:22:36PM -0500, GarUlbricht7netscape.net wrote:
> Erik Hensema <erikhensema.net> wrote:
> >
> > Hi,
> >
> > Maybe this has been discussed earlier today on this list,
> > but I've just joined it.
> >
> > I was told that doing a 'limit -v 2097151' would work around
> > the do_brk() bug. Unfortunately it does not :-(
> >
> > The sample exploit posted on bugtraq manages to reboot
> > my SuSE 8.2 machine (standard kernel) despite the ulimit.
>
> Roman in his original post suggested two other things
> needed to be done to install this work around:
>
> Add the line
>
> ulimit -v 2097151

[snip]

> It would be best to read the entire thread
> "RE: [suse-security] Bugs on Kernel 2.4" at:
> http://lists.suse.com/archive/suse-security/2003-Dec/

Thanks, I've read it.

Setting a ulimit unfortunately only fixes one of three possible attacks on
do_brk(). I must warn everybody NOT to rely on this workaround! It simply
does not protect your system at all.

Installing a patched kernel and rebooting is the only option.

--
Erik Hensema (erikhensema.net)
