On Thu, Jun 08, 2000 at 02:03:21PM +0200, Wichert Akkerman wrote: > Previously Christian Hammers wrote: > > Is it right that there must exist a vulnerability in the server, too that > > allowes the attacker to execute code to exploit the capabilities bug? > > In other words, how severe is the urge to update the kernels on our > > production systems? > > It indeed requires local access to the machine. there is however a sunrpc fix in 2.2.16 that Alan Cox feels is remotely exploitable. if your not running sunrpc you should be ok there though.. still it is not a good idea to leave local holes open since there are other ways to get local access, (say a bad CGI in apache, could get you a www-data shell) or of course bind, wu-ftpd etc. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpl9B1D0MNuJ.pgp
Description: PGP signature