Hi all,
I thought this might be of interest to Apache users running Linux.
> A vulnerability in some versions of Linux has recently been
> identified.
>
> SYSTEMS AFFECTED
>
> Linux kernel versions 2.2.x before 2.2.16
> (2.0.x are safe; 2.2.16 is safe)
>
> IMPACT
>
> Any local user can gain root privileges <<<<<<<<<<<<<<<<<<<<<<
>
> TO FIX
>
> Upgrade to kernel 2.2.16
>
> REFERENCES
>
> Postings regarding the vulnerability to BUGTRAQ:
>
>
> http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-01&m
> [EMAIL PROTECTED]
>
> http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-01&m
> sg=070b01bfd0cd$95b678e0$[EMAIL PROTECTED]
>
> http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-01&m
> [EMAIL PROTECTED]
>
> Source for Linux kernel version 2.2.16:
>
> http://www.kernel.org/pub/linux/kernel/v2.2/linux-2.2.16.tar.gz
>
> NOTES
>
> Don't be confused by the references to Sendmail in the descriptions
> of the bug - its role in this vulnerability is incidental and other
> setuid programs may be usable in a similar way.
>
>
73,
Ged.
