Bug#465543: marked as done (vmsplice local root exploit on nvidia-kernel-2.6.18-5-486|686, CVE-2008-0163, CVE-2008-0600.)

To: dann frazier <dannf@debian.org>
Subject: Bug#465543: marked as done (vmsplice local root exploit on nvidia-kernel-2.6.18-5-486|686, CVE-2008-0163, CVE-2008-0600.)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 13 Feb 2008 04:15:08 +0000
Message-id: <[🔎] handler.465543.D465543.12028760587611.ackdone@bugs.debian.org>
References: <20080213041357.GC18327@colo.lackof.org> <20080213035852.6724.33233.reportbug@janus.ajusco.upn.mx>

Your message dated Tue, 12 Feb 2008 21:13:57 -0700
with message-id <20080213041357.GC18327@colo.lackof.org>
and subject line Re: Bug#465543: vmsplice local root exploit on nvidia-kernel-2.6.18-5-486|686, CVE-2008-0163, CVE-2008-0600.
has caused the Debian Bug report #465543,
regarding vmsplice local root exploit on nvidia-kernel-2.6.18-5-486|686, CVE-2008-0163, CVE-2008-0600.
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
465543: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=465543
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: vmsplice local root exploit on nvidia-kernel-2.6.18-5-486|686, CVE-2008-0163, CVE-2008-0600.
From: Vicm3 <vicm3@janus.ajusco.upn.mx>
Date: Tue, 12 Feb 2008 21:58:52 -0600
Message-id: <20080213035852.6724.33233.reportbug@janus.ajusco.upn.mx>

Package: nvidia-kernel-2.6.18-5-486
Version: 1.0.8776+6etch1
Severity: critical
Tags: security
Justification: root security hole

I tested the current exploits published on securityfocus and all get me
a root shell from non privileged account. I would be glad if you can
patch this package.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-686
Locale: LANG=en_US, LC_CTYPE= (charmap=ISO-8859-1)

Versions of packages nvidia-kernel-2.6.18-5-486 depends on:
ii  linux-image-2.6.18-5-48 2.6.18.dfsg.1-17 Linux 2.6.18 image on x86
ii  nvidia-kernel-common    20051028+1       NVIDIA binary kernel module common

nvidia-kernel-2.6.18-5-486 recommends no packages.

-- debconf-show failed

--- End Message ---

--- Begin Message ---

To: 465543@bugs.debian.org, 465543-submitter@bugs.debian.org

Cc: 465543-done@bugs.debian.org

Subject: Re: Bug#465543: vmsplice local root exploit on nvidia-kernel-2.6.18-5-486|686, CVE-2008-0163, CVE-2008-0600.

From: dann frazier <dannf@debian.org>

Date: Tue, 12 Feb 2008 21:13:57 -0700

Message-id: <20080213041357.GC18327@colo.lackof.org>

In-reply-to: <20080213035852.6724.33233.reportbug@janus.ajusco.upn.mx>

References: <20080213035852.6724.33233.reportbug@janus.ajusco.upn.mx>
Version: 2.6.18.dfsg.1-18etch1

On Tue, Feb 12, 2008 at 09:58:52PM -0600, Vicm3 wrote:
> Package: nvidia-kernel-2.6.18-5-486
> Version: 1.0.8776+6etch1
> Severity: critical
> Tags: security
> Justification: root security hole
> 
> I tested the current exploits published on securityfocus and all get me
> a root shell from non privileged account. I would be glad if you can
> patch this package.

 http://www.debian.org/security/2008/dsa-1494


-- 
dann frazier
--- End Message ---

Reply to:

Prev by Date: Processed: reassign 465543 to linux-2.6
Next by Date: Processing of linux-2.6_2.6.18.dfsg.1-18etch1_sparc.changes
Previous by thread: Processed: reassign 465543 to linux-2.6
Next by thread: Processing of linux-2.6_2.6.18.dfsg.1-18etch1_sparc.changes
Index(es):
- Date
- Thread