General discussion

Locked

Linux Kernel Exploit 12-5-03!!!!!

By LordInfidel ·
Linux Kernel Exploit
For those of you out there who are using the 2.4.x kernels up to 2.4.22, and you do not know about this, read on.

A while ago, debian was broken into. It was later found that the exploit that was used was in every 2.4 kernel version.

The linux community has been relatively silent about this, especially the folks at kernel.org.

Even the major distros have silently released patches and discussions about this that usually exist on such highly regarded newsgroups such as bugtraq and slashdot, have been almost non-existant.

I'm not going to get into the techincal details of the exploit, but just to say you need either the kernel patch or the latest kernel 2.4.23.

Several distros have made available back ported kernels with the patch level included.

To see what your distro has done, a good place to look is: linuxsecurity.org

To get the white paper on the exploit go to:
http://isec.pl/papers/linux_kernel_do_brk.pdf

<soap box>
If your not on bugtraq then shame on you.
If you don't update your kernel and you get owned because of it, don't start crying about it.

Shame on the linux community for their silence. It is extremely shameful to think that we can dish it out but we can't take it.
</soapbox>

LordInfidel

This conversation is currently closed to new comments.

0 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Back to Security Forum
0 total posts (Page 1 of 1)  

Related Forums