Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA433] DSA-433-1 kernel-patch-2.4.17-mips

Vulnerability Assessment Details

[DSA433] DSA-433-1 kernel-patch-2.4.17-mips

Vulnerability Assessment Summary
DSA-433-1 kernel-patch-2.4.17-mips

Detailed Explanation for this Vulnerability Assessment

Red Hat and SuSE kernel and security teams revealed an integer overflow
in the do_brk() function of the Linux kernel permits local users to
gain root rights.
For the stable distribution (woody) this problem has been fixed in
version 2.4.17-0.020226.2.woody4. Other architectures are already or
will be fixed separately.
For the unstable distribution (sid) this problem will be fixed soon
with newly uploaded packages.
We recommend that you upgrade your kernel image packages for the mips
and mipsel architectures. This problem has been fixed in the upstream
version 2.4.23 as well and is also fixed in 2.4.24, of course.

Solution : http://www.debian.org/security/2004/dsa-433
Network Security Threat Level: High

Networks Security ID: 9138

Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi

Cables, Connectors