[not fixed!!!!]paxtest 0.9.9 available, compiles and runs on amd64
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
paxtest (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: paxtest
According to:
http://
paxtest 0.9.9 is available here:
http://
It compiles on karmic amd64 by means of 'make linux64' and it seems to be functional:
~/src/paxtest-
PaXtest - Copyright(c) 2003,2004 by Peter Busser <email address hidden>
Released under the GNU Public Licence version 2 or later
Writing output to paxtest.log
It may take a while for the tests to complete
Test results:
PaXtest - Copyright(c) 2003,2004 by Peter Busser <email address hidden>
Released under the GNU Public Licence version 2 or later
Mode: blackhat
Linux tesla 2.6.31-19-server #56-Ubuntu SMP Thu Jan 28 03:40:48 UTC 2010 x86_64 GNU/Linux
Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable shared library bss : Killed
Executable shared library data : Killed
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect): Vulnerable
Writable text segments : Vulnerable
Anonymous mapping randomisation test : 28 bits (guessed)
Heap randomisation test (ET_EXEC) : 14 bits (guessed)
Heap randomisation test (PIE) : 28 bits (guessed)
Main executable randomisation (ET_EXEC) : No randomisation
Main executable randomisation (PIE) : 28 bits (guessed)
Shared library randomisation test : 28 bits (guessed)
Stack randomisation test (SEGMEXEC) : 28 bits (guessed)
Stack randomisation test (PAGEEXEC) : 28 bits (guessed)
Return to function (strcpy) : paxtest: return address contains a NULL byte.
Return to function (memcpy) : Vulnerable
Return to function (strcpy, PIE) : paxtest: return address contains a NULL byte.
Return to function (memcpy, PIE) : Vulnerable
Related branches
CVE References
summary: |
- paxtest 0.9.9 available, compiles and runs on amd64 + [not fixed!!!!]paxtest 0.9.9 available, compiles and runs on amd64 |
This bug was fixed in the package paxtest - 1:0.9.9-1
---------------
paxtest (1:0.9.9-1) unstable; urgency=medium
* New upstream release, uploaded to Debian. (LP: #530778) (Closes: #570990)
* genpaxtest: Modify so that the 'paxtest' script generated uses
either a user-provided logfile as argument or the $HOME/paxtest.log
instead of paxtest.log for its results in order to prevent it from
writing in the users' CWD and avoid symlink tricks if the user is
executing this in a shared (i.e. writable by others) directory such as
/tmp. Fixes CVE-2010-3373 (Closes: #598413)
* Updated results in the results/ directory for a stock Debian kernel
(i.e. no overflow protection)
* Use debhelper compatibility version 5
* debian/rules: Use conditions to build using 'linux32', 'linux64' or
just 'linux'
* Document the new Homepage in debian/control, also list both the new
and the old one in debian/copyright
* Updated debian/paxtest.sgml to properly reflect the arguments used in the
paxtest script and the new behaviour wrt log files.
* Fix upstream's debian/changelog to have proper maintainer lines. Use the
date information of the files as a basis.
* Updated the content under results/ for a stock Debian kernel (2.6.32)
and rename the older result files for Debian kernel 2.4.25
paxtest (0.9.9-3) stable; urgency=low
* fixed Makefile to use -nopie for Gentoo Hardened on ET_EXEC tests
paxtest (0.9.9-2) stable; urgency=low
* fixed writable text segments test under gcc 4.5 optimizations
paxtest (0.9.9-1) stable; urgency=low
* added SPARC/64 support
* added PPC/64 support (return to function tests should be ignored for PPC64)
* added 32/64bit target support
* added shellode.h to easily support additional architectures
* made paxctl generate the PT_PAX_FLAGS header for binaries that
didn't have one
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 15 Oct 2010 09:53:22 +0000