Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:001: kernel Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the kernel package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:001 (kernel).
A flaw in bounds checking in mremap() in the Linux kernel versions 2.4.23 and
previous was discovered by Paul Starzetz. This flaw may be used to allow a local
attacker to obtain root privilege.
Another minor information leak in the RTC (real time clock) routines was fixed
All Mandrake Linux users are encouraged to upgrade to these packages
immediately. To update your kernel, please follow the directions located at:
Mandrake Linux 9.1 and 9.2 users should upgrade the initscripts (9.1) and
bootloader-utils (9.2) packages prior to upgrading the kernel as they contain a
fixed installkernel script that fixes instances where the loop module was not
being loaded and would cause mkinitrd to fail.
Users requiring commercial NVIDIA drivers can find drivers for Mandrake Linux
9.2 at MandrakeClub.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:001
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.