Date: Wed, 22 Nov 2000 18:46:59 -0200
Subject: [CLSA-2000:340] Conectiva Linux Security Announcement -
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : modutils
SUMMARY : Local root exploit in modutils
DATE : 2000-11-22 18:46:00
ID : CLSA-2000:340
RELEASES : 5.1
The modutils package contains a utility called modprobe, which is
normally used by the kernel when loading modules on demand. In
versions higher than 2.1.121, the modprobe utility could be tricked
into executing commands supplied as a module name. A normal user
cannot load kernel modules, but he/she can make the kernel at least
try to load a module with a given name by other means. If, as a
result, modprobe is called (with root privileges), the commands
will be executed as root or could at least be interpreted as
options for the modprobe program.
All Conectiva Linux 5.1 users should upgrade immediately. Prior
versions use modutils 2.1.121 (or earlier) that does not contain
This problem was found by Sebastian Krahmer and first reported to
Bugtraq by Michal Zalewski. We would like to thank Keith Owens for
releasing a new version that addresses the security issues.