Linux 2.4 Kernel Exploit in Wild Published: Dec 03, 2003

• Rating

  5/5

A new linux kernel exploit is out in the wild, make sure to secure your server quickly before someone takes control and exploits your valuable systems.

(Exploit in the wild) Updated 2.4 kernel fixes privilege escalation vulnerability

Suggest everyone get on this one pronto folks!

http://rhn.redhat.com/errata/RHSA-2003-392.html
See above url for kernel updates

Coverage on slashdot of Debian project server compromise: 
http://developers.slashdot.org/developers/03/12/01/2133249.shtml?tid=106&tid=185&tid=90

Updated 2.4 kernel fixes privilege escalation security vulnerability
Advisory: RHSA-2003:392-05
Last updated on: 2003-12-01

Affected Products:
Red Hat Linux 7.1
Red Hat Linux 7.2
Red Hat Linux 7.3
Red Hat Linux 8.0
Red Hat Linux 9
CVEs (cve.mitre.org): CAN-2003-0961

Security Advisory Details:
Updated kernel packages are now available that fix a security vulnerability leading to a possible privilege escalation. The Linux kernel handles the basic functions of the operating system.

A flaw in bounds checking in the do_brk() function in the Linux kernel versions 2.4.22 and previous can allow a local attacker to gain root privileges.

This issue is known to be exploitable; an exploit has been seen in the wild that takes advantage of this vulnerability.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0961 to this issue. All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this vulnerability. Important: If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from RHSA-2003:187, and if you use Red Hat Linux 7.2 or 7.3, you must have installed quota-3.06-9.7 from RHSA-2003:187

For Server Management and Kernel Upgrade Services contact Steve from Tower Host