[WBEL-users] Kernel exploit currently on slashdot does not appear to be a threat
John Morris
jmorris@beau.org
Fri, 7 Jan 2005 16:49:42 -0600 (CST)
Just compiled the example exploit code featured in a slashdot headline
today and it does not appear to be able to produce a root shell on WBEL3.
Since RHEL3 should also be safe there probably won't be an errata.
Guess there is an upside to releasing a proof of concept exploit on day
zero, in that a test for vulnerability was quick and easy but giving the
major vendors some lead before publishing the 'sploit is probably a good
thing.
--
John M. http://www.beau.org/~jmorris This post is 100% M$ Free!
Geekcode 3.1:GCS C+++ UL++++$ P++ L+++ W++ w--- Y++ b++ 5+++ R tv- e* r