Odd Security Warnings...
Andrew Mathews
andrew_mathews
Mon May 17 11:51:10 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matthew Carpenter wrote:
<snip>
|
| What concerns me is the /dev directory. This is a SCO Linux 4 box
(yes, I was
| run one of those still). I don't believe I set up YOU automated
updates or
| anything so I'm abit confused here. Is this box toast? Have I been
whacked?
| I noticed there was a new Kernel available for my SuSE boxen. Was
there some
| vulnerability that I didn't patch for?
|
| Thanks,
| Matt
|
The most recent vulnerability was the ptrace exploit announced by Alan
Cox back in March. If you're running a 2.4.18-27 or higher kernel you
shouldn't be vulnerable. It's a local exploit, remote exploitation isn't
possible. See: http://lwn.net/Articles/25669/
- --
Andrew Mathews
- ---------------------------------------------------------------------
~ 12:47pm up 12:04, 6 users, load average: 1.23, 1.17, 1.16
- ---------------------------------------------------------------------
Lee's Law:
Mother said there would be days like this,
but she never said that there'd be so many!
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org
iD8DBQE/QSBBidHQ0m/kEssRAsthAKCCkGB1IWK54hE8t2L1uIwz3juXpwCdHyP4
LkpNAWfMgr9RslP6XuTkfpw=
=/kHV
-----END PGP SIGNATURE-----
More information about the Linux-users
mailing list