
Re: [cobalt-security] Cobalt Security Notice - Linux Kernel - 06/09/00



Jeff Lovell wrote:

> Cobalt Security Notice - 06.o0.00
> ----------------------------------
>
> As many of you may have heard, there has recently surfaced
> a bug with how the Linux kernel handles SUID programs
> in kernel version 2.2.
>
> This exploit allowed local users with shell access to
> compromise the system with the use of suid programs such
> as sendmail and procmail.
>
> Cobalt has addressed this issue by patching the
> 2.2.14 kernel to prevent these types of attacks.  The
> new kernel is available for download from the following
> location:
>
> Kernel Image: (required)
> ftp://ftp.cobaltnet.com/pub/experimental/kernel-2.2.14C9-1.i386.rpm
>
> Kernel Headers: (required)
> ftp://ftp.cobaltnet.com/pub/experimental/kernel-headers-2.2.14C9-1.i386.rpm
>
> Bandwidth Management Module: (required)
> ftp://ftp.cobaltnet.com/pub/experimental/bwmgmt-1.0-13.i386.rpm
>
> Kernel Source: (optional)
> ftp://ftp.cobaltnet.com/pub/experimental/kernel-source-2.2.14C9-1.i386.rpm
>
> md5sum                            rpm
> ------------------------------------------------------------
> 544efe39ace7abd531807d4ec693a618  kernel-2.2.14C9-1.i386.rpm
> 0972c362ba9747b1f9a22702f9bbd673  kernel-headers-2.2.14C9-1.i386.rpm
> 7d95bcf93dfe17bad3d353a6e3d2d6ab  bwmgmt-1.0-13.i386.rpm
> 4e925b687a1543bfcac5792c57125cb7  kernel-source-2.2.14C9-1.i386.rpm
>
> This kernel release is considered experimental while extensive
> testing is done.  If you feel you are not vulnerable to this
> exploit, it is recommended that you wait for the official pkg
> update.
>
> --
> Jeff Lovell
> Cobalt Networks, Inc.

Where is an example of the exploit available so that I can test my box and see
if it's vulnerable?

Brian Foy Jr.
CIO - eWebPlace.com, Inc.
http://www.ewebplace.com