Linux modprobe Arbitrary Command Execution Vulnerability
Keith Owens <firstname.lastname@example.org> submitted a patch for modutils 2.3.9.
S.u.S.E., RedHat, Wirex, Conectiva Debian, and Mandrake have released patches for this vulnerability.
RedHat re-released their patches on November 17, 2000. Users who applied the patches available previous to this re-release (modutils version 2.3.20-0.6.2 ) should execute the following command as root to correct a mistake in the patch release:
mv /etc/modules.conf /etc/conf.modules
GNU Linux modutils 2.3.9