• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linux modprobe Arbitrary Command Execution Vulnerability

Solution:
Keith Owens <kaos@ocs.com.au> submitted a patch for modutils 2.3.9.

S.u.S.E., RedHat, Wirex, Conectiva Debian, and Mandrake have released patches for this vulnerability.

RedHat re-released their patches on November 17, 2000. Users who applied the patches available previous to this re-release (modutils version 2.3.20-0.6.2 ) should execute the following command as root to correct a mistake in the patch release:

mv /etc/modules.conf /etc/conf.modules


GNU Linux modutils 2.3.9

• Conectiva 5.1 i386 modutils-2.3.21-1cl
  ftp://atualizacoes.conectiva.com.br/5.1/i386/modutils-2.3.21-1cl.i386. rpm


• Debian 2.2 Alpha modutils_2.3.11-12_alpha
  http://security.debian.org/dists/stable/updates/main/binary-alpha/modu tils_2.3.11-12_alpha.deb


• Debian 2.2 Arm modutils_2.3.11-12_arm
  http://security.debian.org/dists/stable/updates/main/binary-arm/moduti ls_2.3.11-12_arm.deb


• Debian 2.2 i386 modutils_2.3.11-12
  http://security.debian.org/dists/stable/updates/main/binary-i386/modut ils_2.3.11-12_i386.deb


• Debian 2.2 m68k modutils_2.3.11-12
  http://security.debian.org/dists/stable/updates/main/binary-m68k/modut ils_2.3.11-12_m68k.deb


• Debian 2.2 ppc modutils_2.3.11-12
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/mo dutils_2.3.11-12_powerpc.deb


• Debian 2.2 Sparc modutils_2.3.11-12
  http://security.debian.org/dists/stable/updates/main/binary-sparc/modu tils_2.3.11-12_sparc.deb


• Keith Owens modutils.patch
  /data/vulnerabilities/patches/modutils.patch


• MandrakeSoft 7.1 i386 modutils-2.3.20-1.2mdk.i586.rpm
  http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.1/RPMS/ modutils-2.3.20-1.2mdk.i586.rpm


• MandrakeSoft 7.2 i386 modutils-2.3.20-1.1mdk.i586.rpm
  http://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/ modutils-2.3.20-1.1mdk.i586.rpm


• Red Hat Inc. 6.2 alpha modutils-2.3.21-0.6.2.alpha.rpm
  ftp://updates.redhat.com/6.2/alpha/modutils-2.3.21-0.6.2.alpha.rpm


• Red Hat Inc. 6.2 i386 modutils-2.3.21-0.6.2.i386.rpm
  ftp://updates.redhat.com/6.2/i386/modutils-2.3.21-0.6.2.i386.rpm


• Red Hat Inc. 6.2 sparc modutils-2.3.21-0.6.2.sparc.rpm
  ftp://updates.redhat.com/6.2/sparc/modutils-2.3.21-0.6.2.sparc.rpm


• Red Hat Inc. 7.0 i386 modutils-2.3.21-1.i386.rpm
  ftp://updates.redhat.com/7.0/i386/modutils-2.3.21-1.i386.rpm


• S.u.S.E. 6.4 (Intel): modutils-2.3.9-63
  ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/modules-2.3.9-63.i386.r pm


• S.u.S.E. 6.4 (Sparc): modules-2.3.9-63
  ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/modules-2.3.9-63.ppc.rpm


• S.u.S.E. 7.0 (Intel): modutils-2.3.11
  ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/modules-2.3.11-73.i386. rpm


• S.u.S.E. 7.0 (Sparc): modules-2.3.11
  ftp://ftp.suse.com/pub/suse/sparc/update/7.0/a1/modules-2.3.11-73.spar c.rpm


• Wirex Immunix 6.2 modutils-2.3.20-0.6.2
  http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/modutils-2.3.20 -0.6.2_StackGuard.i386.rpm


• Wirex Immunix 7.0-Beta modutils-2.3.20-1
  http://www.immunix.org:8080/ImmunixOS/7.0-beta/updates/RPMS/modutils-2 .3.20-1_StackGuard.i386.rpm