CVE-2001-1384 Information

Description

ptrace in Linux 2.2.x through 2.2.19 and 2.4.x through 2.4.9 allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program such as newgrp.

Reference

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-036.0.txt http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-035-01 http://marc.info/?l=bugtraq&m=100343090106914&w=2 http://marc.info/?l=bugtraq&m=100350685431610&w=2 http://online.securityfocus.com/advisories/3713 http://www.iss.net/security_center/static/7311.php http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-079.php3 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3 http://www.linuxsecurity.com/advisories/other_advisory-1650.html http://www.novell.com/linux/security/advisories/2001_036_kernel_txt.html http://www.redhat.com/support/errata/RHSA-2001-129.html http://www.redhat.com/support/errata/RHSA-2001-130.html http://www.securityfocus.com/bid/3447