Test ID:	1.3.6.1.4.1.25623.1.0.53758
Category:	Debian Local Security Checks
Title:	Debian Security Advisory DSA 276-1 (kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390)
Summary:	The remote host is missing an update to kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390;announced via advisory DSA 276-1.
Description:	Summary: The remote host is missing an update to kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390 announced via advisory DSA 276-1. Vulnerability Insight: The kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. This hole allows local users to obtain root privileges by using ptrace to attach to a child process that is spawned by the kernel. Remote exploitation of this hole is not possible. This advisory only covers kernel packages for the S/390 architecture. Other architectures will be covered by separate advisories. For the stable distribution (woody) this problem has been fixed in the following versions: kernel-patch-2.4.17-s390: version 0.0.20020816-0.woody.1.1 kernel-image-2.4.17-s390: version 2.4.17-2.woody.2.2 The old stable distribution (potato) is not affected by this problem for this architecture since s390 was first released with Debian GNU/Linux 3.0 (woody). For the unstable distribution (sid) this problem will be fixed soon. Solution: We recommend that you upgrade your kernel-images packages immediately. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0127 Caldera Security Advisory: CSSA-2003-020.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-020.0.txt CERT/CC vulnerability note: VU#628849 http://www.kb.cert.org/vuls/id/628849 Debian Security Information: DSA-270 (Google Search) http://www.debian.org/security/2003/dsa-270 Debian Security Information: DSA-276 (Google Search) http://www.debian.org/security/2003/dsa-276 Debian Security Information: DSA-311 (Google Search) http://www.debian.org/security/2003/dsa-311 Debian Security Information: DSA-312 (Google Search) http://www.debian.org/security/2003/dsa-312 Debian Security Information: DSA-332 (Google Search) http://www.debian.org/security/2003/dsa-332 Debian Security Information: DSA-336 (Google Search) http://www.debian.org/security/2003/dsa-336 Debian Security Information: DSA-423 (Google Search) http://www.debian.org/security/2004/dsa-423 Debian Security Information: DSA-495 (Google Search) http://www.debian.org/security/2004/dsa-495 En Garde Linux Advisory: ESA-20030318-009 En Garde Linux Advisory: ESA-20030515-017 http://marc.info/?l=bugtraq&m=105301461726555&w=2 http://security.gentoo.org/glsa/glsa-200303-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2003:038 http://www.mandriva.com/security/advisories?name=MDKSA-2003:039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A254 RedHat Security Advisories: RHSA-2003:088 http://rhn.redhat.com/errata/RHSA-2003-088.html RedHat Security Advisories: RHSA-2003:098 http://rhn.redhat.com/errata/RHSA-2003-098.html http://www.redhat.com/support/errata/RHSA-2003-103.html http://www.redhat.com/support/errata/RHSA-2003-145.html SuSE Security Announcement: SuSE-SA:2003:021 (Google Search) http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0134.html
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.