TechRepublic|Forums|Security

Security

General discussion

  • Creator
    Topic
  • December 6, 2003 at 10:07 am #2296979

    Linux Kernel Exploit 12-5-03!!!!!

    Locked

    by lordinfidel · about 19 years ago

    Linux Kernel Exploit
    For those of you out there who are using the 2.4.x kernels up to 2.4.22, and you do not know about this, read on.

    A while ago, debian was broken into. It was later found that the exploit that was used was in every 2.4 kernel version.

    The linux community has been relatively silent about this, especially the folks at kernel.org.

    Even the major distros have silently released patches and discussions about this that usually exist on such highly regarded newsgroups such as bugtraq and slashdot, have been almost non-existant.

    I’m not going to get into the techincal details of the exploit, but just to say you need either the kernel patch or the latest kernel 2.4.23.

    Several distros have made available back ported kernels with the patch level included.

    To see what your distro has done, a good place to look is: linuxsecurity.org

    To get the white paper on the exploit go to:
    http://isec.pl/papers/linux_kernel_do_brk.pdf


    If your not on bugtraq then shame on you.
    If you don’t update your kernel and you get owned because of it, don’t start crying about it.

    Shame on the linux community for their silence. It is extremely shameful to think that we can dish it out but we can’t take it.

    LordInfidel

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments