blob: b1b4b1cd75cdb661bab2fc924a42b40241aad2c1 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
Candidate: CVE-2003-0127
References:
VULNWATCH:20030317 Fwd: Ptrace hole / Linux 2.2.25
URL:http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0134.html
REDHAT:RHSA-2003:098
URL:http://rhn.redhat.com/errata/RHSA-2003-098.html
REDHAT:RHSA-2003:088
URL:http://rhn.redhat.com/errata/RHSA-2003-088.html
SUSE:SuSE-SA:2003:021
ENGARDE:ESA-20030318-009
DEBIAN:DSA-270
URL:http://www.debian.org/security/2003/dsa-270
DEBIAN:DSA-276
URL:http://www.debian.org/security/2003/dsa-276
DEBIAN:DSA-311
URL:http://www.debian.org/security/2003/dsa-311
DEBIAN:DSA-312
URL:http://www.debian.org/security/2003/dsa-312
DEBIAN:DSA-332
URL:http://www.debian.org/security/2003/dsa-332
DEBIAN:DSA-336
URL:http://www.debian.org/security/2003/dsa-336
DEBIAN:DSA-423
URL:http://www.debian.org/security/2004/dsa-423
DEBIAN:DSA-495
URL:http://www.debian.org/security/2004/dsa-495
MANDRAKE:MDKSA-2003:038
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:038
MANDRAKE:MDKSA-2003:039
URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:039
CALDERA:CSSA-2003-020.0
URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-020.0.txt
ENGARDE:ESA-20030515-017
URL:http://marc.theaimsgroup.com/?l=bugtraq&m=105301461726555&w=2
REDHAT:RHSA-2003:145
URL:http://www.redhat.com/support/errata/RHSA-2003-145.html
GENTOO:GLSA-200303-17
URL:http://security.gentoo.org/glsa/glsa-200303-17.xml
CERT-VN:VU#628849
URL:http://www.kb.cert.org/vuls/id/628849
OVAL:OVAL254
URL:http://oval.mitre.org/oval/definitions/data/oval254.html
Description:
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and
2.4.x before 2.4.21, allows local users to gain root privileges by
using ptrace to attach to a child process that is spawned by the
kernel.
Notes:
Changeset comments say "Linux 2.5 is not believed to be vulnerable.",
so marking this issue as N/A for 2.6.
Bugs:
upstream: released (2.4.21-pre6)
linux-2.6: N/A
2.6.8-sarge-security: N/A
2.4.27-sarge-security: N/A
2.4.19-woody-security: released (2.4.19-4.woody2)
2.4.18-woody-security: released (2.4.18-7)
2.4.17-woody-security: released (2.4.17-1woody1)
2.4.16-woody-security: released (2.4.16-1woody2)
2.4.17-woody-security-hppa: released (32.5)
2.4.17-woody-security-ia64: released (011226.14.1)
2.4.18-woody-security-hppa: released (62.4)
|