Tough Day

I am awake from the last 25 hours. Gonna crash soon, so thought, why not write something about what happened today.

My eyes bulged when I found a couple of latest linux local root exploits those could really harm our servers.. The only methods are to upgrade to the latest kernel, configure, make blah blah, or get the latest patched kernel from RHN.

Here are the reports...

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2451
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-3626

Here is the link for the patch from RHN.
https://rhn.redhat.com/errata/RHSA-2006-0574.html

If you run CentOS, just do a yum update and it should fix the issues. How ever I do not like the way Redhat / CentOS deals with their software,l they should always opt for more up to date versions of kernels. In this regard, I feel Trustix is a better option.

So, I compiled the new kernel from source... Havent done this for a long time now. You know, this is what happens if you are stuck with proprietory software which runs only on Whinedoze.

First thing I noticed is that it doesnt need the 'make dep' command. I used a reference .config file from the last redhat kernel tree. compiled, installed, edited all the configs, then, something funny happened. iptables started crying about no support available in kernel. Upon checking found that the bloody module is not present.. I am still wondering what must have caused this because I used a redhat based base config file.

Lots of work to do after I get up :). More photos will be there from my last trip. Gotta shift my systems to upstairs.. Have to hunt a decent GPS and a couple of WRT54GSs for the community networking stuff...

So thats all for today..

*Snore*

Labels: computers, geek, linux, security