Once upon a time, Robert G. (Doc) Savage <[email protected]> said: > I was concerned about this until I read this: > > http://isc.sans.edu/diary.html?storyid=9574 > > I downloaded and ran the "diagnose-2010-3081" binary on my RHEL55 server > and was relieved to see: > > $ ./diagnose-2010-3081 > Diagnostic tool for public CVE-2010-3081 exploit -- Ksplice, > Inc. > (see http://www.ksplice.com/uptrack/cve-2010-3081)
That tool only checks to see if any known backdoors have been installed (presumably by exploiting the CVS-2010-3081 hole). It does NOT actually check to see if your system is vulnerable. All RHEL 5 systems running the x86_64 kernel are currently vulnerable, unless you are running your own custom kernel or have applied the ksplice run-time patch. -- Chris Adams <[email protected]> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
