September 10th, 2002, 07:31 AM
trouble with Linuxconf
For those of you using Linux, you will want to be aware and get your systems patched if not done already.
Linuxconf has a buffer overlow which can potentially be exploited locally to leverage root access. Evidently, if one were to get shell access, then they likewise could use it to leverage an account to root priveledges as well.
Vulnerable versions : Click here
Details on what it is : Click here
Exploit details : None available at present time.
Patch Information : Click here for links to vendor released patches
As always, do take the time to get your systems patched. What good is your firewall and IDS if you are permitting users to work around it in the first place.
\"I believe that you can reach the point where there is no longer any difference between developing the habit of pretending to believe and developing the habit of believing.\"
September 10th, 2002, 02:39 PM
If you are still using linuxconf in newer versions of linux I pity you anyways.
Linuxconf is depricated and needs to be dropped.
I do agree though, patch it if you use it.
Antionline in a nutshell
\"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"
Trust your Technolust
September 20th, 2002, 02:20 AM
I don't think that this will apply to my network (if it does, thanks amuch for the notice), but I am wondering...whatever happened to linuxconf? I used it in Mandrake 7.1, but I couldn't find it in RH 7.2? Is it now extinct? Has something replaced it? Just curious...pardon my ignorance...I'm still learning...
Opinions are like
holes - everybody\'s got\'em.