[WBEL-users] Kernel exploit currently on slashdot does not appear to be a threat

[Ben Mohilef]

Looking at the exploit, could this be the same as the exploit RH fixed in November 
for the binelf loader problem? From their kernel changelog of 11-12-04:
"- fix binfmt_elf loader vulnerabilities (Jim Paradis, Dave Anderson)"

If so, all RH 2.4.20-2x kernels may not be vulnerable.

On 7 Jan 2005 at 16:49, John Morris wrote:

> 
> Guess there is an upside to releasing a proof of concept exploit on
> day zero, in that a test for vulnerability was quick and easy but
> giving the major vendors some lead before publishing the 'sploit is
> probably a good thing.