Yet another IIS hole
Cory Bosley
kulua at bosleys.org
Thu Mar 20 05:49:09 CST 2003
On Wed, Mar 19, 2003 at 11:39:54PM -0600, Duane Attaway wrote:
> On Wed, 19 Mar 2003, Jason Clinton wrote:
> > To be fair, everyone should patch their Linux kernels to the latest
> > released by your vendor. A local root hole was discovered in ptrace a
> > week ago. 2.4.21 will fix this.
> Local exploit. Only patch if you have user accounts...
And when the next remote exploit for a daemon you run "only" provides
non-root access, suddenly you have a remote root hole. Sorry, call me
paranoid, but that is not acceptable.
--
Cory Bosley
More information about the Kclug
mailing list