Account
♦ Password
♦ Mailsetup
♦ Info
Services
♦ Workstations
  ♣ Linux
  ♣ MacOS
♦ E-Mail
♦ Chat
♦ Files
♦ Backups
♦ Printers
♦ Network
♦ Statistics
♦ Downloads
♦ Links
News
♦ Newsletter
♦ Submit
♦ Search
Readme
Hacks
♦ Linux
Tools
Contact
About


  Local rootexploit in Linux kernel
Linux Posted by Beat Rubischon on Thursday December 04, @09:03AM
from the long-unknown-now-critical dept.
After the breakin in the servers of the Debian project, analyzes showed that a hole in the Linux kernels below 2.4.22 was used to gain root and install suckit. It is the same technique used in the breakin in our environement in spring.

Also GNU's savannah was rooted.

We are currently upgrading all our servers and workstations and need to reboot them during this days.

Be sure to upgrade also your personal workstaton or notebook in case you are running Linux and check it with chckrootkit. You need a patched kernel from your distributor or compile your own Linux 2.4.23 from source. Linux 2.2 is not affected by this bug.

Please contact us immediately in case you had an account on GNU's Savannah or one of the affected Debian servers!

<  |  >

 

  Related Links
  • Articles on Linux
  • Also by Beat Rubischon
  • Contact author
  • The Fine Print: The following comments are owned by whoever posted them.
    ( Reply )

    © 2003 ISG, Departement Physik, ETH Zürich, <isg@phys.ethz.ch>