This time Bryan Whitehead <[EMAIL PROTECTED]> becomes daring and writes:
> Vox wrote: >> This time Bryan Whitehead <[EMAIL PROTECTED]> becomes daring and >> writes: >> >>>Are we going to be getting kernel updates for the local root >>>problem? >> Vincent and the kernel dudes are working on this...some time next >> week you'll get them. Meanwhile you can do, as root: >> echo "/path/to/non-existant/file" > /proc/sys/kernel/modprobe >> And you'll be protected. >> >>>Or the new problem with glibc? >> Uhm...haven't heard about this one yet. > > http://www.eeye.com/html/Research/Advisories/AD20030318.html > > :-D > > Basically an rpc problem... effects things like portmap and stuff. (I > not 100% sure portmap is directly open but others seem to think so) Uhm...from what I read there it's a portmap/RPC problem...good thing I don't run portmap anywhere :) > Combo remote exploit using portmap/rpc problem and kernel root is not > good.... Agreed. > I keep up with this stuff, I have over 100 machines to keep > secure... ;) I usually keep up with this stuff too...but since I don't use portmap I didn't pay attention to it when it went through bugtraq (if it did go through it). Vox -- Think of the Linux community as a niche economy isolated by its beliefs. Kind of like the Amish, except that our religion requires us to use _higher_ technology than everyone else. -- Donald B. Marti Jr.
pgp00000.pgp
Description: PGP signature