*sekalian

jgn lupa wahai ikan patin sekalin…

ah,
kalo berkaitan dengan temerloh / patin.
korang berdua la sasaran aku

Gentoo rocks.. (once upon a time)

owh ya… tokey ikan patin pakai gentoo

Xanda & Piju/Dolphin,
Sesungguhnya ikan patin tidak bersalah dalam hal ini. Ikan patin juga tiada kena mengena dengan Linux vmsplice Local Root Exploit & yg paling penting, ikan patin tidak se”g33k” korang berdua :D

Cae,
It’s nice to see non-techie to use Debian. As far as I know, non-techie prefer to use Ubuntu instead of Debian. As a Singaporean, you might want to join Linux User Group there :)

Hi Xanda,

now I understand why irwan is fumming :-)
he did already wrote a VERY SIMPLE howto, just that I really do not know it’s there! LOL.

your 3 steps did the magic, TERIMA KASIH !

by the way, saya dak tahu malayu
hope I got the above sentence right :-)

Cheers

ceh. dia nak marah buat ape

jangan… nanti sysadmin marah

woi patin2 sekalian,
aku nak siang korang

ramai sungguh ikan patin di sini.
boleh buat kolam untuk ternak patin

Dear Cae,

Q: how to test if our system is affected by this security hole (which definitely is)

A: follow these steps

1) wget http://downloads.securityfocus.com/vulnerabilities/exploits/27704.c

2) gcc 27704.c -o exploit

3) ./exploit

Q: how to do the kernel update to cover this hole (a good learning experience)

A: I believe it has something to do with stack overflow where it allow normal user to perform system call to become a root. the patches might change the memory address or maybe randomize it so that the exploit wont work

Irwan, that’s the funny part.

I am a totally none technical person and so your VERY SIMPLE , compile and run , is alien to me but something I am interested to learn.

Care to share :-)

Also, this shows how user friendly debian is, non-technie like me can get it installed and using as a full time desktop.

Cae,
I’ve made a VERY SIMPLE instruction in my post to see how the exploit works. You just have to download the code, compile, and run the binary as a normal user. After that, you should be able to get root.

As I’ve said earlier, my debian ( 2.6.22-3-686) installation is definitely affected :-)

Any chance of sharing a simple step by step howto to test for the security hole?

Cae,

Q: how to test if our system is affected by this security hole (which definitely is)
A: If you’re using Kernel 2.6.17 – 2.6.24.1, then there’s a high chance that you’re affected.

Q: how to do the kernel update to cover this hole (a good learning experience)
A: It depends on your Linux distro, consult the documentation. If RedHat-based, it’s normally “rpm -ivh new_kernel”. If Debian-based, just “apt-get update && apt-get upgrade”. Again, concult the docs/manual. The bottom line is; update/upgrade your kernel!