On Mon, 7 Apr 2003 17:44:17 +0300 (EEST) Tarhon-Onu Victor <mituc@xxxxxxxxxxxxxx> wrote: > Both kernel versions are vulnerable to ptrace exploit (localy) > (you said you-re running a free webmail, this mean cgi/php/whatever). > Both kernels may not have been patched against NIC drivers problem which > > is possible remotely exploatable. While it is likely that some shell commands can be run through php, this is only true for the web server box. And i've seen what appears to be the same thing on the mailserver box more than two hours before it happened on the web server. NIC padding ... well if i understand that problem correctly, it would only allow an attacker to read certain parts of memory that happens to be sent out with certain packets. But both these boxen are behind a ipchains firewall that does masq & vlan & some filtering, so i find that unlikely too. More ideas? :) -- Jure Pecar _______________________________________________ Redhat-devel-list mailing list Redhat-devel-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/redhat-devel-list
