Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Linux Kernel Vulnerability, Ethereal Patches - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Linux Kernel Vulnerability, Ethereal Patches
Linux Kernel Vulnerability

Paul Starzetz ( ) identified a new vulnerability in all current linux kernels ( 2.2, 2.4 and 2.6 ). This vulnerability could allow unprivileged users to gain root access.

So far, we have not seen an exploit for this vulnerability.

New kernels were released today for all major linux distributions.

Kernel upgrades can be tricky and require a reboot of your system. Be advised to carefully test new kernels before deploying them. While this vulnerability is not directly remotely exploitable, it is possible that other vulnerabilities (e.g. cgi scripts) will be used to gain access to a machine as a non-privileged user. This vulnerability will allow such an intruder to escalate privileges and become root.

Vulnerable Kernels: 2.6.0, 2.4.23, 2.2.25 (and respective earlier versions)

Fixed Kernels: 2.4.24

Please submit any additions or corrections using the contact form at

Johannes Ullrich, SANS Institute,

Ethereal Patches

Debian has released Ethereal patches covering 5 issues;

Debian Security Advisory DSA 407-1

DSA-407-1 ethereal -- buffer overflows

Patrick Nolan

193 Posts
Jan 6th 2004

Sign Up for Free or Log In to start participating in the conversation!