Re: 2.2.18 exploit, and updating the kernel
On Fri, 15 Mar 2002 18:16:22 EST
DORolfe@aol.com wrote:
I get: "Could not connect to remote server" when I try to follow that link.
I get: "The address is not available from this machine" when I strip out the extra leading ":" :)
I am curious as to seeing what potato is vulnerable to.
However: if you want the 2.4.* kernel on your deb box, you should upgrade to woody. Not only for the 2.4 kernel, but also for more up to date packages and security patches.
so do this:
debian# vi /etc/apt/sources.list
substitute "potato" w/ "woody" to upgrade to woody
deb http://security.debian.org/debian-security potato/updates main contrib non-free
deb http://security.debian.org/debian-non-US potato/non-US main contrib non-free
deb http://security.debian.org potato/updates main contrib non-free
debian# apt-get dist-upgrade
debian# apt-get update
debian# apt-get upgrade
That's the proper 'debian' way to do it. But if you've already been rooted you'll probably want to start from a fresh install. Download the install floppy images from http://ftp.us.debian.org/debian/dists/woody/main/disks-i386/current/images-1.44/
Hope that helps, and sorry to hear about the root job :(
Brad Beck - linux guru in beta
> I have a potato system - with the 2.2.18 kernel. Somone has gotten into a box
> on my network and used this exploit to gain root:
> http://:infected.ilm.net/xpl0itz/l1nux/epcs2.c+epcs2&hl=en&ie=ISO-8859-1
> The other boxes that are net accessible are openbsd -- This system is a dual
> p6 so I need debian for smp.
>
> Is there a proper 'debian' way to go about patching the kernel against this
> exploit, or updating the kernel to 2.4.
>
> Thanks,
> David Rolfe @ work
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
Reply to: