Mailinglist Archive: opensuse-security (547 mails)
| < Previous | Next > |
Re: [suse-security] modutils update
- From: Knut Woller <woller@xxxxxxxxxxxx>
- Date: Tue, 14 Nov 2000 15:42:03 +0100 (MET)
- Message-id: <Pine.LNX.4.02.10011141521060.12869-100000@xxxxxxxxxxxxxxx>
On Tue, 14 Nov 2000, Roman Drahtmueller wrote:
> You don't need any kind of script. But: ping6 is the only program known so
> far that could trigger the loading of modules with arbitrary names.
Maybe, but Bastian's original question remains unanswered: SuSE 6.3
shipped with modules-2.3.6-3. Does this version already contain the
vulnerability? And if so, can we expect a fixed RPM from SuSE?
With a few million lines of custom code on 500+ SuSE 6.3 boxes here, it is
not too assuring that ping6 is the only package _you_ know to exploit the
bug.
Cheers,
Knut
--
Knut Woller My opinions do not necessarily
DESY -IT- reflect the views of my employer.
Hamburg And vice versa.
| < Previous | Next > |