SUSE-SA:2003:021: kernel

This script is Copyright (C) 2004-2015 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SUSE-SA:2003:021 (kernel).


The Linux kernel has a security flaw in all versions used on SUSE
products excluding the upcoming SUSE LINUX 8.2 distribution. The flaw
is known as ptrace/modprobe bug: The local attacker can use ptrace and
attach to a modprobe process that is spawned if the user triggers the
loading of a kernel module using the kmod kernel module subsystem.
This can be done by asking for network protocols that are supplied by
kernel modules which are not loaded (yet). The vulnerability allows
the attacker to execute arbitrary commands as root.

Solution :

http://www.suse.de/security/2003_21_kernel.html

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 13791 ()

Bugtraq ID:

CVE ID: CVE-2003-0127

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now