|
Family: Debian Local Security Checks --> Category: infos
[DSA1060] DSA-1060-1 kernel-patch-vserver Vulnerability Scan
Vulnerability Scan Summary DSA-1060-1 kernel-patch-vserver
Detailed Explanation for this Vulnerability Test
Jan Rekorajski discovered that the kernel patch for virtual private servers
does not limit context capabilities to the root user within the virtual
server, which might lead to privilege escalation for some virtual server
specific operations.
The old stable distribution (woody) does not contain kernel-patch-vserver
packages.
For the stable distribution (sarge) this problem has been fixed in
version 1.9.5.6.
For the unstable distribution (sid) this problem has been fixed in
version 2.0.1-4.
We recommend that you upgrade your kernel-patch-vserver package and
rebuild your kernel immediately.
Solution : http://www.debian.org/security/2006/dsa-1060
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|