Compile 2.6.7 Kernel w/module-init-tools Published: Jul 08, 2004
  • Rating

    0/5

A new linux kernel exploit is out in the wild, make sure to secure your server quickly before someone takes control and exploits your valuable systems.

(Exploit in the wild) Updated 2.4 kernel fixes privilege escalation vulnerability

Suggest everyone get on this one pronto folks!

http://rhn.redhat.com/errata/RHSA-2003-392.html
See above url for kernel updates

Coverage on slashdot of Debian project server compromise: 
http://developers.slashdot.org/developers/03/12/01/2133249.shtml?tid=106&tid=185&tid=90

Updated 2.4 kernel fixes privilege escalation security vulnerability
Advisory: RHSA-2003:392-05
Last updated on: 2003-12-01

Affected Products:
Red Hat Linux 7.1
Red Hat Linux 7.2
Red Hat Linux 7.3
Red Hat Linux 8.0
Red Hat Linux 9
CVEs (cve.mitre.org): CAN-2003-0961

Security Advisory Details:
Updated kernel packages are now available that fix a security vulnerability leading to a possible privilege escalation. The Linux kernel handles the basic functions of the operating system.

A flaw in bounds checking in the do_brk() function in the Linux kernel versions 2.4.22 and previous can allow a local attacker to gain root privileges.

This issue is known to be exploitable; an exploit has been seen in the wild that takes advantage of this vulnerability.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0961 to this issue. All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this vulnerability. Important: If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from RHSA-2003:187, and if you use Red Hat Linux 7.2 or 7.3, you must have installed quota-3.06-9.7 from RHSA-2003:187

For Server Management and Kernel Upgrade Services contact Steve from Tower Host

  • Rating

    0/5

Related Articles

Comments (5)

  • Gravatar - r007
    r007 02:20, July 24, 2004
    <br />
    /boot/config-2.4.20-8:2130: trying to assign nonexistent symbol DEBUG_IOVIRT<br />
    /boot/config-2.4.20-8:2133: trying to assign nonexistent symbol DEBUG_BU<br />
    <br />
    I get tons of errors like that, any help?
  • Gravatar - Tom
    Tom 15:06, August 3, 2004
    Does this work on Fedora?
  • Gravatar - mohamed
    mohamed 05:52, October 9, 2004
    tom / i have install it on FC1 and it run :)
  • Gravatar - JLChafardet
    JLChafardet 01:31, November 4, 2004
    definatelly this isnt as easy at it seems, all that y m n ? drove me krazy, hope to do not crash my box LOL
  • Gravatar - fusion
    fusion 22:20, December 10, 2004
    i think if you press just enter it picks the best option

Add Your Thoughts

WebHostGear.com is a hosting directory, not a web host.

Copyright © 1998-2018 WebHostGear.com