Linux ptrace-exec race condition exploit v1.22 Vulnerability exploited: CAN-2001-1384 - BID-3447 Category: Exploits/Local Exploits a race condition that allows an unprivileged process to trace a setuid root process. Linux contains a vulnerability in it's exec() implementation that may allow for modification of a setuid process memory via ptrace(). The vulnerability is due to the fact that it is possible for a traced process to exec() a setuid image even when the tracing process is setuid. Supported Systems: SuSE Linux 7 (i386) SuSE Linux 7.1 (i386) SuSE Linux 7.2 (i386) Debian Linux 2.2 (i386) RedHat Linux 6.1 (i386) RedHat Linux 6.2 (i386) RedHat Linux 7 (i386) RedHat Linux 7.1 (i386) RedHat Linux 7.2 (i386) from kernel Linux 2.2.0 to kernel Linux 2.2.19 from kernel Linux 2.4.0 to kernel Linux 2.4.10 This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks. Click here to learn more about the product.