what you don't know can hurt you

teso-advisory-012.txt

teso-advisory-012.txt
Posted Feb 5, 2002
Authored by teso | Site team-teso.net

TESO Security Advisory - LIDS Linux Intrusion Detection System vulnerability. The "Linux Intrusion Detection System" security patch for the Linux kernel creates a security vulnerability. Exploitation is easy and local users may be able to gain unrestricted root privileges.

tags | kernel, local, root
systems | linux
MD5 | 798dd3ba6b7227152566567c49b9423c

teso-advisory-012.txt

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


TESO Security Advisory
01/01/2002

LIDS Linux Intrusion Detection System vulnerability


Summary
===================

The "Linux Intrusion Detection System" security patch for the Linux kernel
creates a security vulnerability. Exploitation is easy and local users may
be able to gain unrestricted root priviledges.


Systems Affected
===================

Almost any Linux system that uses the LIDS kernel patch.


Impact
===================

By obtaining the configuration of the LIDS system with a capability
scanner an attacker may find out which capabilities are granted to
which programs. He then may gather these capabilities such as
CAP_SYS_ADMIN or CAP_SYS_RAWIO by tricking these programs to
execute attackers code with these capabilities.
The attacker is able to disable LIDS system completely. Further,
any user (not just root) is able to exploit this weakness.


Explanation
===================

Further information about the insecurities of LIDS may be obtained from
[2].


Solution
===================

The vendors have been informed. Fixes should be available soon.


Acknowledgements
===================

The bug has been discovered by Stealth.

The tests and further analysis were done by Stealth.


Contact Information
===================

The TESO crew can be reached by mailing to teso@team-teso.net
Our web page is at https://www.team-teso.net/


References
===================

[1] TESO
http://www.team-teso.net/

[2] http://stealth.7350.org/lids-hack.tgz


Disclaimer
===================

This advisory does not claim to be complete or to be usable for any
purpose. Especially information on the vulnerable systems may be inaccurate
or wrong. Possibly supplied exploit code is not to be used for malicious
purposes, but for educational purposes only.

This advisory is free for open distribution in unmodified form.
Articles that are based on information from this advisory should include
link [1].


Exploit
===================

TESO does not provide exploits for this weakness.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8M3qLcZZ+BjKdwjcRAlssAKCB4W4wCRmv4t1WidJ3L761R38hlwCfSpL/
z2sieYPZ/K/LIyTBtyC+PS8=
=ofwZ
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    4 Files
  • 12
    Jul 12th
    4 Files
  • 13
    Jul 13th
    13 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close