uselib() exploit


Post by svart » Sat Jan 08, 2005 5:24 am

http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt

anyone tested it on grsec kernels? it seems to work on default kernels and not on grsec...but I'm not 100%, more tests are welcome
svart
 
Posts: 3
Joined: Sat Jan 08, 2005 5:21 am

Post by crusader » Sat Jan 08, 2005 6:49 am

i've tested it on:

2.4.24-grsec
2.6.10-grsec
2.6.5-grsec
2.4.28-grsec
2.4.28-openwall
2.6.10 plain & 2.4.25 plain

on grsec & openwall the process was killed
on the plain kernels - segmentation fault
crusader
 
Posts: 17
Joined: Tue Dec 21, 2004 7:25 am

Re: uselib() exploit

Post by PaX Team » Sat Jan 08, 2005 8:13 am

svart wrote: http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt

anyone tested it on grsec kernels? it seems to work on default kernels and not on grsec...but I'm not 100%, more tests are welcome
that exploit shouldn't work but there's another (apparently known for half a year) that does work.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: uselib() exploit

Post by eRAZOR » Sat Jan 08, 2005 11:55 am

PaX Team wrote:
svart wrote: http://www.isec.pl/vulnerabilities/isec-0021-uselib.txt

anyone tested it on grsec kernels? it seems to work on default kernels and not on grsec...but I'm not 100%, more tests are welcome
that exploit shouldn't work but there's another (apparently known for half a year) that does work.


Forgive me, I'm new to this, but is it beyond the scope of this project to fix the one that works?
eRAZOR
 
Posts: 8
Joined: Wed Dec 29, 2004 9:03 am

Re: uselib() exploit

Post by PaX Team » Sat Jan 08, 2005 12:16 pm

eRAZOR wrote: Forgive me, I'm new to this, but is it beyond the scope of this project to fix the one that works?
you mean that the fixes at http://grsecurity.net./download.php are not enough?
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: uselib() exploit

Post by svart » Sat Jan 08, 2005 12:26 pm

PaX Team wrote:
eRAZOR wrote: Forgive me, I'm new to this, but is it beyond the scope of this project to fix the one that works?
you mean that the fixes at http://grsecurity.net./download.php are not enough?


let's make this clear..
you say that isec.pl's uselib() does not work on grsec patched kernels but there is another, older one that works?
svart
 
Posts: 3
Joined: Sat Jan 08, 2005 5:21 am

Re: uselib() exploit

Post by PaX Team » Sat Jan 08, 2005 3:46 pm

svart wrote: you say that isec.pl's uselib() does not work on grsec patched kernels but there is another, older one that works?
yes, it began circulating yesterday after its 0-day status had effectively evaporated and its author(s) posted it on the web.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

Re: uselib() exploit

Post by svart » Sat Jan 08, 2005 4:15 pm

PaX Team wrote:
svart wrote: you say that isec.pl's uselib() does not work on grsec patched kernels but there is another, older one that works?
yes, it began circulating yesterday after its 0-day status had effectively evaporated and its author(s) posted it on the web.


are you sure we are not talking about the same? because this uselib() was also released yesterday...

someone was asking above why grsec did not make a patch to fix that...are you waiting for the kernel.org people to patch it?
Yes, of course we very much appreciate what you did...but if you can do more in such a critical step, that would also be very much appreciated..

acls, stack ex. protections, /proc restrictions, etc...all you do is great...but people use grsec to be and to feel more secure...and you say you know about something..but don't do anything...I and maybe others put a lot of trust in you...so if you don't do it, who else?
svart
 
Posts: 3
Joined: Sat Jan 08, 2005 5:21 am

Re: uselib() exploit

Post by PaX Team » Sat Jan 08, 2005 8:27 pm

svart wrote: are you sure we are not talking about the same? because this uselib() was also released yesterday...
i know, but isec (apparently) wasn't the first to find and exploit this bug.
svart wrote: someone was asking above why grsec did not make a patch to fix that...are you waiting for the kernel.org people to patch it?
i think there's a misunderstanding here. the isec exploit and the other one i mentioned, exploit the *same* bug, hence neither works on the patched kernels which were released yesterday.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm

