Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Security issue
« previous next »
Pages: [1]   Go Down

Security issue

  • 2 Replies
  • 812 Views

tcarroll

Security issue
« on: February 27, 2004, 04:51:36 AM »
Why isn't there anything on the front page of Contribs.org, which is where the news link takes me, concerning the latest security vulnerability?

It would be nice to be able to read whether or not the latest do_mremap() vulnerability affects any of the SME distributions, such as 6.0 or 5.6 without having to go digging in the archives.

Tom Carroll
Logged

Floyd

Security issue
« Reply #1 on: February 27, 2004, 05:51:47 AM »
For your information apparently sme is safe.  The way it was explained to me is that mremap cause privilege escalation.  However since you can only log-in as root you cannot really give yourself more privileges.  But I would think you would want to be carefull with the contribs that allow you to log on with a user shell because I know the proof of concept exploits for mremap show the kernel is exploitable.
Logged

tcarroll

Security issue
« Reply #2 on: February 27, 2004, 08:19:19 AM »
Thanks Floyd!
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. General Discussion (Legacy)
  4. Topic: Security issue