Debian Security Advisory DSA 413-1 (kernel-source-2.4.18, Kernel-image-2.4.18-1-i386) Network Vulnerability

Summary

The remote host is missing an update to kernel-source-2.4.18, kernel-image-2.4.18-1-i386 announced via advisory DSA 413-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20413-1

Insight

Paul Starzetz discovered a flaw in bounds checking in mremap() in the Linux kernel (present in version 2.2.x, 2.4.x and 2.6.x) which may allow a local attacker to gain root privileges. For the stable distribution (woody) this problem has been fixed in kernel-source version 2.4.18-14.1 and kernel-images versions 2.4.18-12.1 and 2.4.18-5woody6 (bf) for the i386 architecture. For the unstable distribution (sid) this problem will be fixed soon with newly uploaded packages. We recommend that you upgrade your kernel packages. This problem has

Severity

Classification

CVE CVE-2003-0985

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1072-1 (nagios)
Debian Security Advisory DSA 073-1 (imp)
Debian Security Advisory DSA 065-1 (samba)
Debian Security Advisory DSA 1031-1 (cacti)
Debian Security Advisory DSA 069-1 (xloadimage)

Debian Security Advisory DSA 413-1 (kernel-source-2.4.18, kernel-image-2.4.18-1-i386)

Take action and discover your vulnerabilities