On Thu December 2 2004 17:46, Shachar Shemesh wrote: > Shlomi Fish wrote: > >It seems the Linux kernel has a problem with the ELF Binary: > > > >http://www.linuxdevcenter.com/pub/a/linux/2004/12/01/security_alerts.html > > > >This can cause a local root exploit? > > > >What should we do about it? > > > >Regards, > > > > Shlomi Fish > > Running dist-upgrade upgraded the following packages: > apache apache-common aptitude bind9 dhcp-client gzip iptables libdns5 > libisc4 libisccc0 > libisccfg0 liblwres1 libmm11 libmysqlclient10 libsasl7 libssl0.9.6 > logcheck > logcheck-database login logtail mysql-client mysql-common mysql-server > passwd pppoe telnet > xfree86-common xlibs > > It appears to have been a long time since someone updated the system. > > As for the kernel bug that triggered this discussion - I can't seem to > locate whether it still affects us or not. Do you have any proof of > concept for the bug so I can test? > > Shachar May this answer your question? http://www.securiteam.com/unixfocus/6B00F1PBPY.html
-- Noam Rathaus CTO Beyond Security Ltd. http://www.beyondsecurity.com http://www.securiteam.com
