Lucene search
SAINT CorporationSAINT:25F9B7414C3280FA5002D541637A5636HistoryJun 27, 2007 - 12:00 a.m.
Linux kernel ptrace privilege elevation vulnerability
2007-06-2700:00:00
SAINT Corporation
www.saintcorporation.com
15
0.0004 Low
EPSS
Percentile
5.9%
Added: 06/27/2007
CVE: CVE-2003-0127
BID: 7112
OSVDB: 4565
Background
**ptrace** is a Linux system call which enables a parent process to observe and control another process.
Problem
Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching to specific root spawned processes.
Resolution
Upgrade to Linux kernel 2.2.25 or 2.4.21 or higher, or apply a fix from your Linux vendor.
References
<http://www.kb.cert.org/vuls/id/628849>
Limitations
There may be a delay before the exploit succeeds.
Platforms
Linux
Related
debian
debian
nessus
nessus
Debian DSA-276-1 : linux-kernel-s390 - local privilege escalation
2004-09-29 00:00:00
SUSE-SA:2003:021: kernel
2004-07-25 00:00:00
Debian DSA-270-1 : linux-kernel-mips - local privilege escalation
2004-09-29 00:00:00
openvas
openvas
osv
osv
linux-kernel-s390 - local privilege escalation
2003-04-03 00:00:00
linux-kernel-mips - local privilege escalation
2003-03-27 00:00:00
linux-kernel-2.4.16-arm - several vulnerabilities
2004-04-26 00:00:00
suse
suse
local privilege escalation in kernel
2003-03-25 17:27:05
redhat
redhat
(RHSA-2003:103) kernel security update
2003-03-21 00:00:00
saint
saint
Linux kernel ptrace privilege elevation vulnerability
2007-06-27 00:00:00
Linux kernel ptrace privilege elevation vulnerability
2007-06-27 00:00:00
Linux kernel ptrace privilege elevation vulnerability
2007-06-27 00:00:00
cve
cve
CVE-2003-0127
2003-03-31 05:00:00
cvelist
cvelist
CVE-2003-0127
2003-03-18 05:00:00
ubuntucve
ubuntucve
CVE-2003-0127
2003-03-31 00:00:00
cert
cert
ptrace contains vulnerability allowing for local root compromise
2004-04-16 00:00:00
securityvulns
securityvulns
[ESA-20030318-009] Several 'kernel' vulnerabilities
2003-03-19 00:00:00