Yet another IIS hole
Duane Attaway
dattaway at dattaway.org
Thu Mar 20 05:41:16 CST 2003
On Wed, 19 Mar 2003, Jason Clinton wrote:
> To be fair, everyone should patch their Linux kernels to the latest
> released by your vendor. A local root hole was discovered in ptrace a
> week ago. 2.4.21 will fix this.
Local exploit. Only patch if you have user accounts...
Ptrace hole / Linux 2.2.25
From: Alan Cox (alan at redhat.com)
The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace. This hole
allows local users to obtain full privileges. Remote exploitation of this
hole is not possible. Linux 2.5 is not believed to be vulnerable.
http://www.uwsg.indiana.edu/hypermail/linux/kernel/0303.2/0226.html
--
"It is the duty of a patriot to protect his country from its government"
-Thomas Paine
http://dattaway.org
More information about the Kclug
mailing list