Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Adam Rykala on October 19, 2001, 09:15:42 PM

Title: BUGTRAQ
Post by: Adam Rykala on October 19, 2001, 09:15:42 PM

http://slashdot.org/article.pl/10/19/141229&mode=flat&threshold=-1

Apparently we've got a new root vulnerability that affects a wide range of kernel versions...

E-Smith guys - do we have to worry here?

Ad

Title: Re: BUGTRAQ
Post by: Dan Brown on October 19, 2001, 10:09:57 PM

Generally discussion of (potential) security vulnerabilities should be directed to security@e-smith.com rather than a public discussion board.  However, from what I can see, this vulnerability exists only if you have given non-root users shell access.  Since the default e-smith/SME installation does not do this, an unmodified installation should not be vulnerable.