Mandrake Linux Security Advisory : kernel (MDKSA-2001:079-2)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

Alexander Viro discovered a vulnerability in the devfs implementation
that is shipped with Mandrake Linux 8.1. We are aware of the problem
and are currently working on a solution. As a workaround, until an
update becomes available, please boot with the devfs=nomount option.

Rafal Wojtczuk found a vulnerability in the 2.2.19 and 2.4.11 Linux
kernels with the ptrace code and deeply nested symlinks spending an
arbitrary amount of time in the kernel code. The ptrace vulnerability
could be used by local users to gain root privilege, the symlink
vulnerability could result in a local DoS.

There is an additional vulnerability in the kernel's syncookie code
which could potentially allow a remote attacker to guess the cookie
and bypass existing firewall rules. The discovery was found by Manfred
Spraul and Andi Kleen.

Update :

The previous advisory was missing the md5sums for the lm_utils
packages. The md5sums are now included in the package list.

NOTE: This update is *not* meant to be done via MandrakeUpdate! You
must download the necessary RPMs and upgrade manually by following
these steps :

1. Type: rpm -ivh kernel-[version].i586.rpm 2. Type: mv
kernel-[version].i586.rpm /tmp 3. Type: rpm -Fvh *.rpm 4a. You may
wish to edit /etc/lilo.conf to ensure a new entry is in place. The new
kernel will be the last entry. Change any options you need to change.
You will also want to create a new entry with the initrd and image
directives pointing to the old kernel's vmlinuz and initrd images so
you may also boot from the old images if required. 4b. PPC users must
execute some additional instructions. First edit /etc/yaboot.conf and
add a new entry for the kernel and change any options that you need to
change. You must also create a new initrd image to enable USB support
for keyboards and mice by typing: mkinitrd --with=usb-ohci
/boot/initrd-2.4.8-31.3mdk 2.4.8-31.3mdk 5a. If you use lilo, type:
/sbin/lilo -v 5b. If you use GRUB, type: sh /boot/grub/install.sh 5c.
PPC users must type: /sbin/ybin -v

You may then reboot and use the new kernel and remove the older kernel
when you are comfortable using the upgraded one.

See also :

http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14777 (mandrake_MDKSA-2001-079.nasl)

Bugtraq ID:

CVE ID: CVE-2001-0907
CVE-2001-1384

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now