Executive Summary
| Summary | |
|---|---|
| Title | New Linux kernel packages (mips + mipsel) fix local root exploit |
| Informations | |||
|---|---|---|---|
| Name | DSA-270 | First vendor Publication | 2003-03-27 |
| Vendor | Debian | Last vendor Modification | 2003-03-27 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.2 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible. This advisory only covers kernel packages for the big and little endian MIPS architectures. Other architectures will be covered by separate advisories. For the stable distribution (woody) this problem has been fixed in version 2.4.17-0.020226.2.woody1 of kernel-patch-2.4.17-mips (mips+mipsel) and in version 2.4.19-0.020911.1.woody1 of kernel-patch-2.4.19-mips (mips only). The old stable distribution (potato) is not affected by this problem for these architectures since mips and mipsel were first released with Debian GNU/Linux 3.0 (woody). For the unstable distribution (sid) this problem has been fixed in version 2.4.19-0.020911.6 of kernel-patch-2.4.19-mips (mips+mipsel). We recommend that you upgrade your kernel-images packages immediately. |
Original Source
| Url : http://www.debian.org/security/2003/dsa-270 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:254 | |||
| Oval ID: | oval:org.mitre.oval:def:254 | ||
| Title: | Linux Kernel ptrace Privilege Escalation Vulnerability | ||
| Description: | The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2003-0127 | Version: | 2 |
| Platform(s): | Red Hat Linux 9 | Product(s): | Linux kernel |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
SAINT Exploits
| Description | Link |
|---|---|
| Linux kernel ptrace privilege elevation vulnerability | More info here |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-01-17 | Name : Debian Security Advisory DSA 270-1 (kernel-patch-2.4.17-mips, kernel-patch-2.... File : nvt/deb_270_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 276-1 (kernel-patch-2.4.17-s390, kernel-image-2.... File : nvt/deb_276_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 311-1 (kernel) File : nvt/deb_311_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 312-1 (kernel-patch-2.4.18-powerpc) File : nvt/deb_312_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 332-1 (kernel-source-2.4.17, kernel-patch-2.4.17... File : nvt/deb_332_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 336-1 (kernel-source-2.2.20, kernel-image-2.2.20... File : nvt/deb_336_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 423-1 (kernel-image-2.4.17-ia64) File : nvt/deb_423_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 495-1 (kernel) File : nvt/deb_495_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 4565 | Linux Kernel ptrace Attached Process Privilege Escalation |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-270.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-276.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-311.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-312.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-332.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-336.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-423.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-495.nasl - Type : ACT_GATHER_INFO |
| 2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-038.nasl - Type : ACT_GATHER_INFO |
| 2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-039.nasl - Type : ACT_GATHER_INFO |
| 2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2003_021.nasl - Type : ACT_GATHER_INFO |
| 2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-103.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:31:56 |
|
