On Wed, Mar 30, 2005 at 01:56:04PM +0000, BoneMachine wrote:
> Hi,
>
> I've noticed a message on the Full-Disclosure mailing list. The message states that there is no fix supplied in the vanilla kernel and that there is probably no fix in vendor-supplied kernels for the CAN-2004-1074 vulnerability. The message to FD can be found at the following link: http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0820.html
>
> Can any of you guys confirm that SuSE is still vulnerable?

The issue referenced by CAN-2004-0174 is fixed.

The issue referenced by http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0820.html has another CAN number, CAN-2004-0173. CAN-2004-0173 is not fixed yet in SUSE kernels.

However, disclosing the content of setuid root binaries is a minor problem. You usually can get access to these binaries by just downloading them from our ftp server, for instance.

Ciao,
Marcus