Slackware Advisory SSA:2003-336-01 Kernel Security Update Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2003-336-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2003-336-01

Insight

New kernels are available for Slackware 9.1 and -current. These have been upgraded to Linux kernel version 2.4.23, which fixes a bug in the kernel's do_brk() function that could be exploited to gain root privileges. These updated kernels and modules should be installed by any sites running a 2.4 kernel earlier than 2.4.23. Linux 2.0 and 2.2 kernels are not vulnerable. More details about the Apache issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0961

Severity

Classification

CVE CVE-2003-0961

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Slackware Advisory SSA:2004-266-02 GTK+ image loading flaws
Slackware Advisory SSA:2004-136-01 mc
Slackware Advisory SSA:2004-278-02 zlib DoS
Slackware Advisory SSA:2006-340-01 gnupg
Slackware Advisory SSA:2003-259-02 ProFTPD Security Advisory

Slackware Advisory SSA:2003-336-01 Kernel security update

Take action and discover your vulnerabilities