CVE-2004-1235

Related Files

uselib24.c

Posted Jan 27, 2005

Authored by timhsu | Site chroot.org

Modified uselib() local exploit for the Linux kernel series. This version has been modified to also work on SMP kernels. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected.

tags | exploit, kernel, local

systems | linux

advisories | CVE-2004-1235

SHA-256 | 5e811fb3a37fea86aa97d208b9d826680bddf7e732a63c3f6952d51dfe5d31ea

Download | Favorite | View

Openwall Linux Kernel Patch

Posted Jan 22, 2005

Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Adds a number of security fixes, including to the x86/SMP page fault handler and the uselib(2) race conditions, both discovered by Paul Starzetz.

tags | overflow, kernel

systems | linux

advisories | CVE-2004-1235, CVE-2005-0001

SHA-256 | 517d8c63c913c0a9a9f1b1544de6318bdd18841356e2f3754beb64d4647dcc3c

Download | Favorite | View

isec-0021-uselib.txt

Posted Jan 7, 2005

Authored by Paul Starzetz | Site isec.pl

Locally exploitable flaws have been found in the Linux binary format loaders' uselib() functions that allow local users to gain root privileges. Linux kernel versions 2.4 up to and including 2.4.29-pre3, 2.6 up to and including 2.6.10 are affected. Exploit included.

tags | exploit, kernel, local, root

systems | linux

advisories | CVE-2004-1235

SHA-256 | dc8912477cabd4620eccb9621b77afc571d533b90b200dfc6fc0b9d16173ee04

Download | Favorite | View