Linux Today: Linux News On Internet Time.

More on LinuxToday

internetnews.com: Linux Privilege Escalation Hole Detected

Mar 09, 2004, 13:45 (12 Talkback[s])
(Other stories by Ryan Naraine)

"For the second time in as many months, security researchers have uncovered a privilege escalation security flaw in the Linux kernel.

"According to an advisory from computer security consultants iSEC Security Research, the flaw was found in the Linux kernel memory management code and is completely unrelated to a similar vulnerability reported in February.

"The flaw carries a 'critical' rating and affects Linux versions 2.2 up to and including 2.2.25; it also impacts versions 2.4 up to and including 2.4.24 as well as versions 2.6 up to and including 2.6.2.

"'Proper exploitation of this vulnerability leads to local privilege escalation giving an attacker full super-user privileges. The vulnerability may also lead to a denial-of-service attack on the available system memory,' iSEC warned..."

Complete Story

Related Stories: