Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1384

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-1384
Last Modified 10 Sep 2008 03:10:24
Published 18 Oct 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1384

Summary

ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.

Vulnerable Systems

Operating System

  • Linux Kernel 2.2.0

  • Linux Kernel 2.2.1

  • Linux Kernel 2.2.10

  • Linux Kernel 2.2.11

  • Linux Kernel 2.2.12

  • Linux Kernel 2.2.13

  • Linux Kernel 2.2.14

  • Linux Kernel 2.2.15

  • Linux Kernel 2.2.16

  • Linux Kernel 2.2.17

  • Linux Kernel 2.2.18

  • Linux Kernel 2.2.19

  • Linux Kernel 2.2.2

  • Linux Kernel 2.2.3

  • Linux Kernel 2.2.4

  • Linux Kernel 2.2.5

  • Linux Kernel 2.2.6

  • Linux Kernel 2.2.7

  • Linux Kernel 2.2.8

  • Linux Kernel 2.2.9

  • Linux Kernel 2.4.10

  • Linux Kernel 2.4.2

  • Linux Kernel 2.4.3

  • Linux Kernel 2.4.7

  • Linux Kernel 2.4.8

  • Linux Kernel 2.4.9


References

ENGARDE - ESA-20011019-02

XF - linux-ptrace-race-condition(7311)

REDHAT - RHSA-2001:130

REDHAT - RHSA-2001:129

SUSE - SuSE-SA:2001:036

MANDRAKE - MDKSA-2001:082

MANDRAKE - MDKSA-2001:079

HP - HPSBTL0112-003

IMMUNIX - IMNX-2001-70-035-01

CALDERA - CSSA-2001-036.0

BID - 3447

BUGTRAQ - 20011019 TSLSA-2001-0028

BUGTRAQ - 20011018 Flaws in recent Linux kernels


Last Updated: 27 May 2016 10:36:39