Re: Kernel 2.2.15 hole ?
There were some other security holes in the kernel which were corrected in 2.2.19pre9 or somewhere around that pre-release concerning the signed/unsigned usage of some int variables. I think this is a sufficient reason for upgrading.

Regards,
Robert Varga

On Mon, 5 Mar 2001, David Wright wrote:

> Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
> > On Mon, Mar 05, 2001 at 03:31:07AM -0900, Ethan Benson wrote:
> > > On Thu, Mar 01, 2001 at 03:34:21AM +, Stephen Walton wrote:
> > > > Has anyone seen the announcement about a root exploit in the 2.2.15 and earlier kernel versions as posted
> > >
> > > yes ages ago.
> > >
> > > > Does this apply to the debian kernels?
> > >
> > > depends what debian kernel, i think some of them had backported patches, but really there is no reason to be running anything that old. upgrade to 2.2.18.
> >
> > I purposely have a policy of not upgrading software (including the kernel) unless there is a good reason to do so, either with new functionality that is required, or for security reasons. I have no objections to upgrading in this instance, but I was more concerned that a search on Debian's archives did not show this as a security issue.
>
> Perhaps it's at http://www.uk.debian.org/security/2000/2612 ? i.e. 2.2.15-3 is patched.
>
> Cheers,
> --
> Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151
> Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA
> Disclaimer: These addresses are only for reaching me, and do not signify official stationery. Views expressed here are either my own or plagiarised.

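Added example (not part of the original thread, and not code from the Linux kernel): a generic illustration of the bug class Robert Varga names, where a length held in a signed int passes an upper-bound check while negative. The buffer, the function names and the sample lengths are constructed for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SRC_LEN 16

/* Constructed stand-in for kernel data returned to a caller. */
static const char src[SRC_LEN] = "kernel-setting";

/* Flawed pattern: length is a signed int and only the upper bound is
 * checked. A negative value passes the check and turns into a huge
 * size_t on conversion. Returns the length the copy would use; the
 * copy is performed only when that length is in bounds. */
size_t copy_len_signed(char *dst, size_t dst_cap, int len)
{
    if (len > SRC_LEN)            /* signed compare: -1 > 16 is false */
        len = SRC_LEN;
    size_t n = (size_t)len;       /* -1 becomes SIZE_MAX */
    if (n <= SRC_LEN && n <= dst_cap)
        memcpy(dst, src, n);
    return n;
}

/* Corrected pattern: reject negatives before converting, then clamp in
 * an unsigned type. Returns bytes copied, or -1 for a bad length. */
long copy_len_checked(char *dst, size_t dst_cap, int len)
{
    if (len < 0)
        return -1;
    size_t n = (size_t)len;
    if (n > SRC_LEN)
        n = SRC_LEN;
    if (n > dst_cap)
        n = dst_cap;
    memcpy(dst, src, n);
    return (long)n;
}

int main(void)
{
    char buf[SRC_LEN];
    printf("signed check,  len=-1: would copy %zu bytes\n",
           copy_len_signed(buf, sizeof buf, -1));
    printf("checked,       len=-1: %ld\n",
           copy_len_checked(buf, sizeof buf, -1));
    return 0;
}
```
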
Re: Kernel 2.2.15 hole ?
On Mon, Mar 05, 2001 at 03:31:07AM -0900, Ethan Benson wrote:
> On Thu, Mar 01, 2001 at 03:34:21AM +, Stephen Walton wrote:
> > Hi,
> > Has anyone seen the announcement about a root exploit in the 2.2.15 and earlier kernel versions as posted
>
> yes ages ago.
>
> > Does this apply to the debian kernels?
>
> depends what debian kernel, i think some of them had backported patches, but really there is no reason to be running anything that old. upgrade to 2.2.18.

I purposely have a policy of not upgrading software (including the kernel) unless there is a good reason to do so, either with new functionality that is required, or for security reasons. I have no objections to upgrading in this instance, but I was more concerned that a search on Debian's archives did not show this as a security issue.

--
Stephen Walton

Re: Kernel 2.2.15 hole ?
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
> On Mon, Mar 05, 2001 at 03:31:07AM -0900, Ethan Benson wrote:
> > On Thu, Mar 01, 2001 at 03:34:21AM +, Stephen Walton wrote:
> > > Has anyone seen the announcement about a root exploit in the 2.2.15 and earlier kernel versions as posted
> >
> > yes ages ago.
> >
> > > Does this apply to the debian kernels?
> >
> > depends what debian kernel, i think some of them had backported patches, but really there is no reason to be running anything that old. upgrade to 2.2.18.
>
> I purposely have a policy of not upgrading software (including the kernel) unless there is a good reason to do so, either with new functionality that is required, or for security reasons. I have no objections to upgrading in this instance, but I was more concerned that a search on Debian's archives did not show this as a security issue.

Perhaps it's at http://www.uk.debian.org/security/2000/2612 ? i.e. 2.2.15-3 is patched.

Cheers,
--
Email: [EMAIL PROTECTED] Tel: +44 1908 653 739 Fax: +44 1908 655 151
Snail: David Wright, Earth Science Dept., Milton Keynes, England, MK7 6AA
Disclaimer: These addresses are only for reaching me, and do not signify official stationery. Views expressed here are either my own or plagiarised.

Re: Kernel 2.2.15 hole ?
On Mon, Mar 05, 2001 at 08:36:28AM +, [EMAIL PROTECTED] wrote:
> I purposely have a policy of not upgrading software (including the kernel) unless there is a good reason to do so, either with new functionality that is required, or for security reasons. I have no objections to upgrading in this instance, but I was more concerned that a search on Debian's archives did not show this as a security issue.

you will want to upgrade to 2.2.19 when it's available since 2.2.18 and below have another security hole (actually two). the first being a race condition that allows suid executables to be ptraced, this potentially allows for root compromise. the other allows users to read arbitrary memory through a bug in sysctl() (depending on the attacker's luck they could potentially grab a password or other sensitive information).

both are only locally exploitable. (i know of no exploit for the ptrace race at this time, there is a proof of concept exploit for the sysctl() bug).

--
Ethan Benson
http://www.alaska.net/~erbenson/

Kernel 2.2.15 hole ?
Hi,

Has anyone seen the announcement about a root exploit in the 2.2.15 and earlier kernel versions as posted on sendmail's site at http://www.sendmail.org/sendmail.8.10.1.LINUX-SECURITY.txt

Does this apply to the debian kernels?

--
Stephen Walton

Re: Kernel 2.2.15 hole ?
On Thu, Mar 01, 2001 at 03:34:21AM +, Stephen Walton wrote:
> Hi,
> Has anyone seen the announcement about a root exploit in the 2.2.15 and earlier kernel versions as posted on sendmail's site at http://www.sendmail.org/sendmail.8.10.1.LINUX-SECURITY.txt

yes ages ago.

> Does this apply to the debian kernels?

depends what debian kernel, i think some of them had backported patches, but really there is no reason to be running anything that old. upgrade to 2.2.18.

--
Ethan Benson
http://www.alaska.net/~erbenson/