WebHostGear.com - the hosting resource for professionals
July 23, 2008

Linux 2.4 Kernel Exploit in Wild



By: ramprage

(Exploit in the wild) Updated 2.4 kernel fixes privilege escalation vulnerability

Suggest everyone get on this one pronto folks!

http://rhn.redhat.com/errata/RHSA-2003-392.html
See the URL above for kernel updates.

Coverage on Slashdot of the Debian project server compromise:
http://developers.slashdot.org/developers/03/12/01/2133249.shtml?tid=106&tid=185&tid=90

Coverage on geek.com:
http://www.geek.com/news/geeknews/2003Dec/gee20031202022891.htm

Coverage on newsforge.com:
http://www.newsforge.com/os/03/12/02/1642242.shtml?tid=2&tid=82&tid=94
See ominous note below in bold.

Updated 2.4 kernel fixes privilege escalation security vulnerability
Advisory: RHSA-2003:392-05
Last updated on: 2003-12-01

Affected Products:
Red Hat Linux 7.1
Red Hat Linux 7.2
Red Hat Linux 7.3
Red Hat Linux 8.0
Red Hat Linux 9
CVEs (cve.mitre.org): CAN-2003-0961
Article provided by WebHostGear.com
Security Advisory Details:
Updated kernel packages are now available that fix a security vulnerability leading to a possible privilege escalation. The Linux kernel handles the basic functions of the operating system.


A flaw in bounds checking in the do_brk() function in the Linux kernel versions 2.4.22 and previous can allow a local attacker to gain root privileges.

This issue is known to be exploitable; an exploit has been seen in the wild that takes advantage of this vulnerability.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0961 to this issue. All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this vulnerability.

Important: If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from RHSA-2003:187, and if you use Red Hat Linux 7.2 or 7.3, you must have installed quota-3.06-9.7 from RHSA-2003:187.
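The advisory above attributes the issue to a bounds-checking flaw in do_brk(). As an added illustration (not Red Hat's or the kernel's own code), this user-space C model contrasts a range request accepted without any end-of-range check with one that rejects ranges ending above user space or wrapping around; `TASK_SIZE_MODEL`, the function names and the sample addresses are assumptions made for the example.

```c
/* Added illustration: user-space model of a do_brk()-style range check.
 * Not kernel source. Names and constants are assumptions for this example;
 * 0xC0000000 models the usual 3 GB user/kernel split on 32-bit x86. */
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE_MODEL 0x1000u
#define TASK_SIZE_MODEL 0xC0000000u   /* first address above user space */
#define EINVAL_MODEL    22

/* Round a length up to whole pages, as a heap extension request would be. */
static uint32_t page_align(uint32_t len)
{
    return (len + PAGE_SIZE_MODEL - 1) & ~(PAGE_SIZE_MODEL - 1);
}

/* "Before": the range is accepted without checking where it ends. */
int brk_extend_unchecked(uint32_t addr, uint32_t len)
{
    (void)addr;               /* start address is never compared to a limit */
    (void)page_align(len);
    return 0;                 /* always accepted */
}

/* "After": reject a range that ends above user space or wraps past 2^32. */
int brk_extend_checked(uint32_t addr, uint32_t len)
{
    uint32_t end;

    len = page_align(len);
    if (len == 0)
        return 0;             /* nothing to extend */
    end = addr + len;         /* unsigned arithmetic wraps modulo 2^32 */
    if (end > TASK_SIZE_MODEL || end < addr)
        return -EINVAL_MODEL;
    return 0;
}

int main(void)
{
    /* Constructed requests: in range, crossing the limit, wrapping around. */
    uint32_t c[3][2] = { {0x08050000u, 0x2000u}, {0xBFFFF000u, 0x2000u},
                         {0xFFFFF000u, 0x2000u} };
    for (int i = 0; i < 3; i++)
        printf("addr=%#x len=%#x unchecked=%d checked=%d\n",
               (unsigned)c[i][0], (unsigned)c[i][1],
               brk_extend_unchecked(c[i][0], c[i][1]),
               brk_extend_checked(c[i][0], c[i][1]));
    return 0;
}
```

The second comparison (`end < addr`) matters because a wrapped sum is small and would otherwise pass the limit check.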

Sources
Thanks to jd_waverly from ev1servers forums for this information.
