|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2001:082-1: kernel Vulnerability Assessment Details
|
MDKSA-2001:082-1: kernel |
||
Check for the version of the kernel package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2001:082-1 (kernel). Rafal Wojtczuk found a vulnerability in the 2.2.19 and 2.4.11 Linux kernels with the ptrace code and deeply nested symlinks spending an arbitrary amount of time in the kernel code. The ptrace vulnerability could be used by local users to gain root privilege, the symlink vulnerability could result in a local DoS. Update: There is an additional vulnerability in the kernel's syncookie code which could potentially permit a remote attacker to guess the cookie and bypass existing firewall rules. The discovery was found by Manfred Spraul and Andi Kleen. NOTE: This update is *not* meant to be done via MandrakeUpdate! You must download the necessary RPMs and upgrade manually by following these steps: 1. Type: rpm -ivh kernel-[version].i586.rpm 2. Type: mv kernel-[version].i586.rpm /tmp 3. Type: rpm -Fvh *.rpm 4a. You may wish to edit /etc/lilo.conf to ensure a new entry is in place. The new kernel will be the last entry. Change any options you need to change. You will also want to create a new entry with the initrd and image directives pointing to the old kernel's vmlinuz and initrd images so you may also boot from the old images if required. 4b. PPC users must execute some additional instructions. First edit /etc/yaboot.conf and add a new entry for the kernel and change any options that you need to change. You must also create a new initrd image to enable USB support for keyboards and mice by typing: mkinitrd --with=usb-ohci /boot/initrd-2.2.19-19.1mdk 2.2.19-19.1mdk 5a. Type: /sbin/lilo -v 5b. PPC users must type: /sbin/ybin -v You may then reboot and use the new kernel and remove the older kernel when you are comfortable using the upgraded one. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2001:082-1 Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
Cables, Connectors |
ASUS H110M-R Motherboard Intel 6th/7th Gen LGA1151 DDR4 Micro-ATX i/o shield
$42.00
***NEW*** BCM RX67Q Gaming Motherboard | Intel Q67 2nd/3rd Gen. | LGA1155 | DDR3
$29.77
Asus H110M-C Rev 1.03 mATX Desktop Motherboard LGA 1151/Socket H4 DDR4 SDRAM
$26.99
Asus H81M-C Intel LGA1150 DDR3 Desktop Motherboard MicroATX Socket H3
$24.99
MSI A320M-A PRO AM4 AMD A320 USB3.2 Gen1 Micro-ATX Motherboard
$46.99
Micro ATX Desktop Motherboard ASUS H110M-C LGA 1151
$31.95
ASUS Prime Q270M-C LGA1151 DP HDMI VGA SATA 6GB/s USB 3.0 MicroATX Motherboard
$37.99
Gigabyte GA-B75M-HD3 Intel LGA1155 DDR3 Desktop Motherboard MicroATX USB 3.0
$26.99
BTC-S37 Mining Motherboard Kit /w SSD & Ram Preinstalled
$59.99
ASRock B250M-HDV LGA 1151 Micro ATX DDR4 Desktop Motherboard w/ IO Shield
$54.99
|
||
No Discussions have been posted on this vulnerability. |