|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Rain Forest Puppy (rfp
vulnwatch.org)Date: Tue Mar 05 2002 - 23:47:55 CST
[[ This was sent out to the Owl Linux list. Basically a bug in linux
kernel lcall() which lets local users kill system processes.
--rfp ]]
---------- Forwarded message ----------
Date: Mon, 4 Mar 2002 04:26:23 +0300
From: Solar Designer <solaropenwall.com>
Reply-To: owl-userslists.openwall.com
To: announcelists.openwall.com
Cc: owl-userslists.openwall.com
Subject: Linux 2.2.20-ow2, NordU2002 presentation slides on Owl
Hi,
I've just released Linux 2.2.20-ow2. This version of the patch fixes
an x86-specific Linux kernel vulnerability where local users could
abuse a binary compatibility interface (lcall) to kill processes not
belonging to them (including system processes).
The patch is available at the usual location:
http://www.openwall.com/linux/
Both Owl-current and Owl 0.1-stable have been updated to include this
version of the patch. (There's no updated Owl-current ISO image yet,
though, but once there is it will have the new patch.)
As promised, I've also released our NordU2002 presentation slides on
Owl, as well as an updated version of the SSH Traffic Analysis slides
(as used at NordU2002). The URL is:
http://www.openwall.com/presentations/
-- /sd
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]