[SECURITY-L] [S] linux kernel 2.6 fun. windoze is a joke

[CSIRT - UNICAMP]

----- Forwarded message from Nelson Murilo <nelson em pangeia.com.br> -----

From: Nelson Murilo <nelson em pangeia.com.br>
Subject: [S] linux kernel 2.6 fun. windoze is a joke
To: seguranca em pangeia.com.br
Date: Tue, 15 Feb 2005 19:53:47 -0200


[http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html]

Georgi Guninski security advisory #73, 2005

linux kernel 2.6 fun. windoze is a joke

Systems affected:
linux kernel 2.6.10, probably earlier 2.6.
2.4 not tested

Date: 15 February 2005

Legal Notice:
This Advisory is Copyright (c) 2005 Georgi Guninski.
You  may  not  modify    it   and   distribute    it   or   distribute   parts
of it without the author's written permission - this especially  applies  to
so called "vulnerabilities databases"  and  securityfocus,  microsoft,    cert
and mitre.
If   you   want    to     link     to    this    content      use     the    URL:
http://www.guninski.com/where_do_you_want_billg_to_go_today_3.html
Anything in this document may change without notice.

Disclaimer:
The  information  in  this  advisory  is  believed   to   be   true   though
it may be false.
The opinions  expressed  in  this  advisory  and  program  are    my  own  and
not   of   any     company.    The   usual   standard   disclaimer    applies,
especially the fact that Georgi Guninski  is  not  liable  for    any  damages
caused by direct  or  indirect    use  of  the  information  or  functionality
provided  by  this  advisory  or  program.    Georgi   Guninski   bears   no
responsibility for  content  or  misuse  of  this  advisory  or  program  or
any derivatives thereof.

Description:

There is misuse of signed types in 2.6, leading to buffer overflow and
reading kernel memory.

Details:

WDYBTGT3-1:

there is heap overflow in /proc in at least 2.6.10 and 2.6.11rc1-bk6 (
have not tested 2.4) on i386.
[...]


----- End forwarded message -----