Re: [SECURITY] [DSA 1378-1] New Linux 2.6.18 packages fix several vulnerabilities
Apologies if this has already been posted, but:
For CVE-2007-4573 - The proof of concept code posted by Robert Swiecki
on the bugtraq list [1] still works as a local root exploit for the Xen
kernels on AMD64 in the updated packages:
linux-image-2.6.18-5-xen-vserver-amd64_2.6.18.dfsg.1-13etch3_amd64.deb
and
linux-image-2.6.18-5-xen-amd64_2.6.18.dfsg.1-13etch3_amd64.deb
- Tim
[1] http://seclists.org/bugtraq/2007/Sep/0363.html
--
Tim Wickberg
wickbt@rpi.edu
Senior Systems Administrator
Office of the Vice President of Research
Rensselaer Polytechnic Institute
Reply to: