On Mon, Sep 20, 2010 at 13:06, Robert G. (Doc) Savage <[email protected]> wrote: > On Mon, 2010-09-20 at 09:08 -0400, Gary Gatling wrote: >> >> Will a new kernel be coming out soon to address CVE-2010-3081? >> >> Thanks, >> >> Gary Gatling | ITECS Systems > > Gary, > > I was concerned about this until I read this: > > http://isc.sans.edu/diary.html?storyid=9574 > > I downloaded and ran the "diagnose-2010-3081" binary on my RHEL55 server > and was relieved to see: > > $ ./diagnose-2010-3081 > Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, > Inc. > (see http://www.ksplice.com/uptrack/cve-2010-3081) >
Yeah that was where I was looking for the problem in... well it just looks for if your box has been rooted already. It does not say whether you are suceptible or not. The other tool I found does open a shell on .28+ kernels but does not work on RHEL-5.. which was where I got my bad information from. I was not running the acid one because I was not sure what else it does in its 'beauty & splender'. However since it does work on EL-5. It was explained to me that there are several issues involved here. one is the problem with a reintroduced bug and the other is a new one. -- Stephen J Smoogen. “The core skill of innovators is error recovery, not failure avoidance.” Randy Nelson, President of Pixar University. "We have a strategic plan. It's called doing things."" — Herb Kelleher, founder Southwest Airlines _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
