Serious Linux Security Flaw Found

Discussion in 'other security issues & news' started by AplusWebMaster, Dec 2, 2003.

Thread Status:
Not open for further replies.
  1. AplusWebMaster

    AplusWebMaster Registered Member

    Joined:
    Jun 14, 2003
    Posts:
    239
    Location:
    Philadelphia, PA, USA
    :( FYI...
    http://www.pcworld.com/news/article/0,aid,113700,00.asp
    December 02, 2003
    "A serious vulnerability in the Linux 2.4 kernel has been discovered. The flaw allows users on a Linux machine to gain unlimited access privileges, according to a security advisory posted by developers of the noncommercial Debian Linux distribution. The bug affects versions of the Linux kernel prior to 2.4.23...'It's a local-only compromise that you can't trigger from the outside,'...said Linux creator Linus Torvalds. 'To most people, it would thus become serious only after you had some account hacked into--the bug then allows elevation of privileges.'...The bug does not only affect Debian users, however. Any Linux user running a version of the kernel prior to 2.4.23 should contact their distribution provider to see whether a patch for the exploit has been made available, Torvalds said..."
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    the only good news in this is that on a single user computer it is not a problem because an outside source can't exploit it :D :D
     
Loading...
Thread Status:
Not open for further replies.