[WBEL-users] Kernel exploit currently on slashdot does not appear to be a threat
Ben Mohilef
benm@dsl-only.net
Sat, 08 Jan 2005 11:55:48 -0800
Looking at the exploit, could this be the same as the exploit RH fixed in November
for the binelf loader problem? From their kernel changelog of 11-12-04:
"- fix binfmt_elf loader vulnerabilities (Jim Paradis, Dave Anderson)"
If so, all RH 2.4.20-2x kernels may not be vulnerable.
On 7 Jan 2005 at 16:49, John Morris wrote:
>
> Guess there is an upside to releasing a proof of concept exploit on
> day zero, in that a test for vulnerability was quick and easy but
> giving the major vendors some lead before publishing the 'sploit is
> probably a good thing.