Linux modprobe Arbitrary Command Execution Vulnerability

Bugtraq ID: 1936
Class: Input Validation Error
CVE:
Remote: No
Local: Yes
Published: Nov 12 2000 12:00AM
Updated: Nov 12 2000 12:00AM
Credit: Discovered by Sebastian Krahmer. First posted to Bugtraq by Michal Zalewski <lcamtuf@TPI.PL> on November 12, 2000. Keith Owens <kaos@ocs.com.au> posted updated information and a patch to Bugtraq on November 13, 2000.
Vulnerable: GNU Linux modutils 2.3.9
+ Conectiva Linux 5.1
+ Mandriva Linux Mandrake 7.2
+ RedHat Linux 7.0
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4
+ Wirex Immunix OS 7.0 -Beta
+ Wirex Immunix OS 6.2
Not Vulnerable: GNU Linux modutils 2.3.11
GNU Linux modutils 2.1.121


 

Privacy Statement
Copyright 2010, SecurityFocus