Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]): > Just came across this article from Eweek. > http://www.eweek.com/article2/0,4149,1400446,00.asp
Article is somewhat misleading: A memory-handling bug was fixed a/o 2.4.23, without the kernel developers quite realising the bug had security implications. Someone discovered how to exploit it to escalate local access to root, and deployed the exploit on 2003-11-19. The exploit's usage was discovered on 2003-11-20 (the following day). Kernel versions earlier than 2.4.23 (or prior with backported patch to mmap.o) are vulnerable and should be upgraded. (If you're running 2.5.0 through 2.5.69, you're both vulnerable and crazy. ;-> ) -- Cheers, "Java is COBOL 2.0." Rick Moen -- Deirdre Saoirse Moen [EMAIL PROTECTED] -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
