Suggest everyone get on this one pronto folks!
http://rhn.redhat.com/errata/RHSA-2003-392.html
See above url for kernel updates
Coverage on slashdot of Debian project server compromise:
http://developers.slashdot.org/developers/03/12/01/2133249.shtml?tid=106&tid=185&tid=90
Coverage on geek.com:
http://www.geek.com/news/geeknews/2003Dec/gee20031202022891.htm
Coverage on newsforge.com:
http://www.newsforge.com/os/03/12/02/1642242.shtml?tid=2&tid=82&tid=94
See ominous note below in bold.
Updated 2.4 kernel fixes privilege escalation security vulnerability
Advisory: RHSA-2003:392-05
Last updated on: 2003-12-01
Affected Products:
Red Hat Linux 7.1
Red Hat Linux 7.2
Red Hat Linux 7.3
Red Hat Linux 8.0
Red Hat Linux 9
CVEs (cve.mitre.org): CAN-2003-0961
Security Advisory Details:
Updated kernel packages are now available that fix a security vulnerability leading to a possible privilege escalation. The Linux kernel handles the basic functions of the operating system.
A flaw in bounds checking in the do_brk() function in the Linux kernel versions 2.4.22 and previous can allow a local attacker to gain root privileges.
This issue is known to be exploitable; an exploit has been seen in the wild that takes advantage of this vulnerability.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0961 to this issue.
All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this vulnerability.
Important: If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from RHSA-2003:187, and if you use Red Hat Linux 7.2 or 7.3, you must have installed quota-3.06-9.7 from RHSA-2003:187.
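The quota prerequisite in the Important note can be checked before the kernel packages go on. The script below is an added example, not part of the Red Hat advisory or the original post; the function names are hypothetical, and GNU `sort -V` is assumed as a stand-in for RPM's own version comparison.

```shell
#!/bin/sh
# Added example: pre-flight check for the quota prerequisite in RHSA-2003:392.

# Print the quota version-release the advisory requires for a release,
# or nothing when the advisory states no prerequisite (8.0 and 9).
# Returns 2 for a release the advisory does not list.
required_quota() {
    case "$1" in
        7.1)     echo "3.06-9.71" ;;
        7.2|7.3) echo "3.06-9.7" ;;
        8.0|9)   echo "" ;;
        *)       return 2 ;;
    esac
}

# Succeed when installed version-release $1 is at least required $2.
# Assumption: GNU `sort -V` ordering stands in for RPM's own comparison.
quota_meets() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# Decide whether the kernel erratum can go on: $1 = release, $2 = installed
# quota version-release (empty when quota is not installed).
kernel_update_ready() {
    need=$(required_quota "$1") || { echo "unlisted release: $1"; return 2; }
    if [ -z "$need" ]; then echo "ready: no quota prerequisite stated"; return 0; fi
    if [ -z "$2" ]; then echo "blocked: install quota-$need first"; return 1; fi
    if quota_meets "$2" "$need"; then echo "ready: quota-$2 satisfies quota-$need"; return 0; fi
    echo "blocked: quota-$2 is older than quota-$need"; return 1
}

# Live check, only when run as: sh script.sh --check
if [ "${1:-}" = "--check" ]; then
    rel=$(sed -n 's/.*release \([0-9.]*\).*/\1/p' /etc/redhat-release)
    have=$(rpm -q --qf '%{VERSION}-%{RELEASE}' quota 2>/dev/null) || have=""
    kernel_update_ready "$rel" "$have"
fi
```

Because the errata kernels carry a backported patch, the upstream version number alone does not show whether a host is fixed; confirm the installed kernel package against the advisory's package list.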
For Server Management and Kernel Upgrade Services contact Steve from Tower Host
| By : ramprage | Rating : Not Rated | Views: 5548 | Date: December 3, 2003 |