Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Linux Kernel Vulnerability, Ethereal Patches

Published: 2004-01-05
Last Updated: 2004-01-06 00:32:10 UTC
by Patrick Nolan (Version: 1)
0 comment(s)
Linux Kernel Vulnerability

Paul Starzetz ( http://www.isec.pl ) identified a new vulnerability in all current linux kernels ( 2.2, 2.4 and 2.6 ). This vulnerability could allow unprivileged users to gain root access.

So far, we have not seen an exploit for this vulnerability.

New kernels were released today for all major linux distributions.

Kernel upgrades can be tricky and require a reboot of your system. Be advised to carefully test new kernels before deploying them. While this vulnerability is not directly remotely exploitable, it is possible that other vulnerabilities (e.g. cgi scripts) will be used to gain access to a machine as a non-privileged user. This vulnerability will allow such an intruder to escalate privileges and become root.

Vulnerable Kernels: 2.6.0, 2.4.23, 2.2.25 (and respective earlier versions)

Fixed Kernels: 2.4.24

http://isec.pl/vulnerabilities/isec-0012-mremap.txt

Please submit any additions or corrections using the contact form at
http://isc.sans.org/contact.html

-----------------
Johannes Ullrich, SANS Institute, jullrich_AT_sans.org

-----------------
Ethereal Patches

Debian has released Ethereal patches covering 5 issues;

Debian Security Advisory DSA 407-1
http://www.debian.org/security/

DSA-407-1 ethereal -- buffer overflows
http://www.debian.org/security/2004/dsa-407

Patrick Nolan
Keywords:
0 comment(s)
Diary Archives