English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.50706
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2003:038-1 (kernel)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to kernel
announced via advisory MDKSA-2003:038-1.

A bug in the kernel module loader code could allow a local user to gain
root privileges. This is done by a local user using ptrace and
attaching to a modprobe process that is spawned if the user triggers
the loading of a kernel module.

A temporary workaround can be used to defend against this flaw. It is
possible to temporarily disable the kmod kernel module loading
subsystem in the kernel after all of the required kernel modules have
been loaded. Be sure that you do not need to load additional kernel
modules after implementing this workaround. To use it, as root execute:

echo /no/such/file >/proc/sys/kernel/modprobe

To automate this, you may wish to add it as the last line of the
/etc/rc.d/rc.local file. You can revert this change by replacing the
content /sbin/modprobe in the /proc/sys/kernel/modprobe file. The
root user can still manually load kernel modules with this workaround
in place.

This update applies a patch to correct the problem. All users should
upgrade. Please note that the Mandrake Linux 9.1 kernel already has
this patch, and an updated kernel for Mandrake Linux 8.2 will be
available shortly.

For instructions on how to upgrade your kernel in Mandrake Linux,
please refer to:

http://www.mandrakesecure.net/en/kernelupdate.php

Update:

Kernels are now available for Mandrake Linux 8.2, 8.2/PPC, and Multi-
Network Firewall 8.2.

As well, the previously noted instructions for temporarily working
around the vulnerability are not completely accurate as they only
defend against a certain type of attack making use of this problem.
Users should upgrade to the update kernels, however if you are unable
to upgrade you may wish to look into the self-compiled
no-ptrace-module.c[1] that is loaded into a running kernel.

Affected versions: 8.2, Multi Network Firewall 8.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:038-1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0127
http://www.securiteam.com/tools/5SP082K5GK.html

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2003-0127
Caldera Security Advisory: CSSA-2003-020.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-020.0.txt
CERT/CC vulnerability note: VU#628849
http://www.kb.cert.org/vuls/id/628849
Debian Security Information: DSA-270 (Google Search)
http://www.debian.org/security/2003/dsa-270
Debian Security Information: DSA-276 (Google Search)
http://www.debian.org/security/2003/dsa-276
Debian Security Information: DSA-311 (Google Search)
http://www.debian.org/security/2003/dsa-311
Debian Security Information: DSA-312 (Google Search)
http://www.debian.org/security/2003/dsa-312
Debian Security Information: DSA-332 (Google Search)
http://www.debian.org/security/2003/dsa-332
Debian Security Information: DSA-336 (Google Search)
http://www.debian.org/security/2003/dsa-336
Debian Security Information: DSA-423 (Google Search)
http://www.debian.org/security/2004/dsa-423
Debian Security Information: DSA-495 (Google Search)
http://www.debian.org/security/2004/dsa-495
En Garde Linux Advisory: ESA-20030318-009
En Garde Linux Advisory: ESA-20030515-017
http://marc.info/?l=bugtraq&m=105301461726555&w=2
http://security.gentoo.org/glsa/glsa-200303-17.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2003:038
http://www.mandriva.com/security/advisories?name=MDKSA-2003:039
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A254
RedHat Security Advisories: RHSA-2003:088
http://rhn.redhat.com/errata/RHSA-2003-088.html
RedHat Security Advisories: RHSA-2003:098
http://rhn.redhat.com/errata/RHSA-2003-098.html
http://www.redhat.com/support/errata/RHSA-2003-103.html
http://www.redhat.com/support/errata/RHSA-2003-145.html
SuSE Security Announcement: SuSE-SA:2003:021 (Google Search)
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0134.html
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.