eWeek: Researchers Find Serious Vulnerability in Linux Kernel
Dec 02, 2003, 02:28 (13 Talkback[s])
(Other stories by Dennis Fisher)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
[ Thanks to David for this link.
"Security professionals took note of a critical new
vulnerability in the Linux kernel that could enable an attacker to
gain root access to a vulnerable machine and take complete control
of it. An unknown cracker recently used this weakness to compromise
several of the Debian Project's servers, which led to the discovery
of the new vulnerability.
"This discovery has broad implications for the Linux community.
Because the flaw is in the Linux kernel itself, the problem affects
virtually every distribution of the operating system and several
vendors have confirmed that their products are vulnerable. The
vulnerability is in all releases of the kernel from Version 2.4.0
through 2.5.69, but has been fixed in Releases 2.4.23-pre7 and
Project Reports Some Servers Compromised(Nov 21, 2003)