Bigjakkstaffa
12-02-2003, 10:53 AM
http://security.itworld.com/4348/031202linuxvulnerability/page_1.html
--Jakk:t
--Jakk:t
Click to See Complete Forum and Search --> : Linux Kernel vulnerability
capybara
12-04-2003, 08:47 AM
quote from that link:
The bug does not only affect Debian users, however. Any Linux user running a version of the kernel prior to 2.4.23 should contact their distribution provider to see whether a patch for the exploit has been made available, Torvalds said.
The problem was discovered by Linux kernel developer Andrew Morton in September, and was fixed in the 2.4.23 version of the kernel,
The bug does not only affect Debian users, however. Any Linux user running a version of the kernel prior to 2.4.23 should contact their distribution provider to see whether a patch for the exploit has been made available, Torvalds said.
The problem was discovered by Linux kernel developer Andrew Morton in September, and was fixed in the 2.4.23 version of the kernel,
Bluehail
12-05-2003, 03:01 PM
So, if I left my telnet port open and a guest account on, someone could telnet in as guest and elevate their privledges?
rraehal
12-05-2003, 11:37 PM
Bluehail,
you are correct. The bug would allow a non-privledged account to raise their privledges. Basically if they eleveted their privledges, they could become root. Your system would be totaly compromised.
you are correct. The bug would allow a non-privledged account to raise their privledges. Basically if they eleveted their privledges, they could become root. Your system would be totaly compromised.
SysOpt.com
Copyright Internet.com Inc. All Rights Reserved.
Copyright Internet.com Inc. All Rights Reserved.