[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] suse 8.1 : ptrace exploit (Solved)



Kastus <NOSPAM@xxxxxxxxxx> wrote:
>
>On Mon, Dec 01, 2003 at 12:22:52AM +0100, Olivier M. wrote:
>> 
>> I don't remember when the update has been installed,
>> so I can't tell if server has been rebooted since then. 
>
> rpm -qi k_deflt
>
> It tells package installation date.
>
> Regards, -Kastus
>
>-- 

Kastus,

Another good command for Oliver to have run, would have been "uptime"
It would have told him how long the system has been running (man uptime).

For as you had surmised early on, after installing the new
Kernel last September, they (probably not Oliver but SyS Admin on that machine) forgot to "re-boot" the machine.

Hence their machine was still running the old kernel.

If they had used either YOU or fou4s, the "script" would have
reminded them to re-boot. 

Or if they had read SuSE-Security Readme:
http://www.suse.de/de/security/2003_034_kernel.html
Step 4:  "Re-boot."

the problem would have been solved last September,
without worrying the rest of us who are running 8.1,
with the vanila k_deflt kernel.

Oh well.
Bottom line, another mystery solved.

Gar

-- 




__________________________________________________________________
McAfee VirusScan Online from the Netscape Network.
Comprehensive protection for your entire computer. Get your free trial today!
http://channels.netscape.com/ns/computing/mcafee/index.jsp?promo=393397

Get AOL Instant Messenger 5.1 free of charge.  Download Now!
http://aim.aol.com/aimnew/Aim/register.adp?promo=380455

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here