[WBEL-users] Kernel exploit currently on slashdot does not appear to be a threat
Dean Troyer
Dean Troyer <dtroyer@gmail.com>
Fri, 7 Jan 2005 17:23:18 -0600
On Fri, 7 Jan 2005 16:49:42 -0600 (CST), John Morris <jmorris@beau.org> wrote:
> Just compiled the example exploit code featured in a slashdot headline
> today and it does not appear to be able to produce a root shell on WBEL3.
> Since RHEL3 should also be safe there probably won't be an errata.
I'll confirm this on WBEL kernels 2.4.21-15.EL and 2.4.21-20.EL, also
on RHEL 2.4.21-4.0.1.ELsmp and 2.4.21-9.EL.
FWIW, 2.4.9-e.24 and 2.4.9-e.43 on RHEL 2.1AS are stack faulting in
VMware and crashing the VM.
dt
--
Dean Troyer
dtroyer@gmail.com