[test] exec-shield vs. paxtest 0.9.5 horrible results

From: Gabor MICSKO
Date: Mon Dec 22 2003 - 05:55:31 EST


gmicsko03:/home/trey/devel/exploit/paxtest-0.9.5# uname -a
Linux gmicsko03 2.6.0 #1 Thu Dec 18 12:32:44 CET 2003 i686 GNU/Linux

gmicsko03:/home/trey/devel/exploit/paxtest-0.9.5# echo 2 >
/proc/sys/kernel/exec-shield

gmicsko03:/home/trey/devel/exploit/paxtest-0.9.5# cat
/proc/sys/kernel/exec-shield
2

gmicsko03:/home/trey/devel/exploit/paxtest-0.9.5# ./paxtest
PaXtest - Copyright(c) 2003 by Peter Busser <peter@xxxxxxxxxxxxx>
Released under the GNU Public Licence version 2 or later

It may take a while for the tests to complete
Test results:
PaXtest - Copyright(c) 2003 by Peter Busser <peter@xxxxxxxxxxxxx>
Released under the GNU Public Licence version 2 or later

Executable anonymous mapping : Vulnerable
Executable bss : Vulnerable
Executable data : Vulnerable
Executable heap : Vulnerable
Executable stack : Vulnerable
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect): Vulnerable
Executable stack (mprotect) : Vulnerable
Anonymous mapping randomisation test : 16 bits (guessed)
Heap randomisation test (ET_EXEC) : 14 bits (guessed)
Heap randomisation test (ET_DYN) : 13 bits (guessed)
Main executable randomisation (ET_EXEC) : No randomisation
Main executable randomisation (ET_DYN) : 12 bits (guessed)
Shared library randomisation test : 12 bits (guessed)
Stack randomisation test (SEGMEXEC) : 17 bits (guessed)
Stack randomisation test (PAGEEXEC) : 17 bits (guessed)
Return to function (strcpy) : Vulnerable
Return to function (strcpy, RANDEXEC) : Return to function
(memcpy) : Vulnerable
Return to function (memcpy, RANDEXEC) : Vulnerable
Executable shared library bss : Vulnerable
Executable shared library data : Vulnerable
Writable text segments : Vulnerable
gmicsko03:/home/trey/devel/exploit/paxtest-0.9.5#


Any idea?



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/