[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] Script - *ptrace-kmod* running at the server
- Subject: [cobalt-users] Script - *ptrace-kmod* running at the server
- From: Swapana Ghosh <swapana_ghosh@xxxxxxxxx>
- Date: Thu Jan 1 22:17:02 2004
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Hi
At one of our Cobalt Raq4r server i am seeing occassioanally the
the script *ptrace-kmod* to run..
After checking *Google* it is found as follows::
______________________________________
This code exploits a race condition in kernel/kmod.c, which creates
kernel thread in insecure manner. This bug allows to ptrace cloned
process, allowing to take control over privileged modprobe binary.
it works against all unpatched 2.2.x and 2.4.x kernels.
________________________________________
THIS PROGRAM IS FOR EDUCATIONAL PURPOSES *ONLY*
* IT IS PROVIDED "AS IS" AND WITHOUT ANY WARRANTY
Every where it is suggested to patch the OpenSSL and kernel.. But we
patch the server regularly. So how can i stop this *hacker's* script
to run at our server...
What harm the script can do in the server?
Thanks in advance..
__________________________________
Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.
http://photos.yahoo.com/