Vendor : iSEC Security Research
E-mail this page
Related Content
Remember this itemFormat: PDF
Date:
2007-04-03
Linux Kernel do_brk() Vulnerability
0
0 votes
Overview
A critical security bug has been found in the Linux kernel 2.4.22 (and earlier) memory management subsystem. This bug has been silently fixed for the 2.4.23 as well as in the 2.6.0-test6 release without any notice to the open source community. While performing a regular audit of the Linux kernel the same bug was found at the end of September 2003 and quickly realized its serious impact on the kernel security. Shortly after the authors were ready with a simple proof-of-concept exploit code. This paper presents the technical details of the do_brk() bug found and the results the research done while writing the exploit code.
See also: Linux Server OS, Application Development
Related whitepapers
- Alfresco Software Case Study: The Clinical Research Information Exchange (CRIX)
- Alfresco Software Case Study: Reed Managed Services
- Alfresco Software Case Study: Swansea Housing Association
- Alfresco Software Case Study: go2 Media - go2.com
- Quesgen Systems: Using the Vyatta Open-Source Router and Firewall to Secure Hosted Medical Data
- Protection for Mac and Linux Computers: genuine need or nice to have?
- AmTrust Reduced Database and Linux Helpdesk Calls by 80% With Centralized User Management
- Cleartext Passwords in Linux Memory
- S7 Software Ports a Windows Based (VC++) Application Onto Solaris and Linux With Native Performance Using WindU
- More Support for the Kernel
|
|
Cutting-edge technology from premium sponsors
Oracle Technology Solutions for Midsize Businesses
eBook: The Power you need at the price that you want.
Oracle Business Intelligence Standard Edition One - New!
Oracle's Vision for an Enterprise Performance Management System
More Tech Showcases:
ZDNet Asia Top Tech 50 Index
AT&T- Asustek
- Canon
- Convergys
- Ericsson
- Hewlett-Packard
- Infosys
- LogicaCMG
- NTT
- Samsung
- SingTel Group
- Toshiba
- Xerox
- Accenture
- Atos Origin
- Capgemini
- Dell
- France Telecom
- Hitachi
- Intel
- Microsoft
- Nokia
- Satyam Computer Services
- Sony
- Verizon Communications
- ZTE
MY | Designed for Business Success.
Read about Dell’s highly-rated or CNET Editor’s Choice laptops
Rapid Application Development
Click here to download CodeGear RAD Studio 2009 for native Windows & .NET development
Download RAD Studio 2009 now
The complete solution for rapid application development from CodeGear
Protect Your Business Critical Systems
With award-winning disaster recovery solutions by NEC.
Free IT Salary Report 2009
Register and be the first to download this invaluable resource
ZDNet Asia Top Tech Index
Find out who you should be spending your IT budget with
- ZDNet.com |
- ZDNet Japan |
- ZDNet.de |
- CNET UK |
- CNET.de |
- Tech Republic |
- BNET |
- MP3.com |
- activeTechPros |
- ZDNet UK |
- ZDNet Korea |
- ZDNet France |
- CNET Australia |
- CNET France |
- Download.com |
- Builder |
- GameSpot
- ZDNet Australia |
- ZDNet Taiwan |
- CNET |
- CNET Taiwan |
- News.com |
- Silicon.com |
- TV.com |
- GameSpot Korea
