 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
There is a very serious security vulnerability in all Linux Kernel versions up to and including Linux 2.2.18. This vulnerability can be exploited easily and trivially by running readily available exploit code against any SUID-root executable on the system to allow any local user the ability to gain root privileges. Linux 2.2.19 was released this week, and is not vulnerable. Also, all of the 2.4 series kernels are not vulnerable. For more information about this vulnerability, see the following links: http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Fthreads%3D0%26list%3D1%26start%3D2001-03-25%26fromthread%3D0%26mid%3D171708%26end%3D2001-03-31%26 http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Fthreads%3D0%26list%3D1%26start%3D2001-03-25%26fromthread%3D0%26mid%3D171950%26end%3D2001-03-31%26 http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Fthreads%3D0%26list%3D1%26start%3D2001-03-25%26fromthread%3D0%26mid%3D172196%26end%3D2001-03-31%26 If you have users on your systems who should not have root privileges, you definitely need to upgrade your kernel today! -- Derek Martin Senior System Administrator Mission Critical Linux martin at MissionCriticalLinux.com - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
