Ultra Monkey: High Availability and Load Balancing Solution for Linux [Monkey]
English | Japanese
Top | About | Mirrors | History | Contacts | Ultra Monkey 3 | Ultra Monkey 2.0.1 (Old)
News Archive | Papers | Ultra Monkey L7 [Japanese]

Ultra Monkey: Kernel Security Bug Database


prev up next
CVE CAN-2003-0461[offsite]
Updated Tue, 06 Jul 2004 14:32:34 +0900
Summary /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. (text:DSA-358-4)
Status Closed
Priority Low
Source RHSA-2004:188-14 RHSA-2003:238-16 DSA-358-4
Link Ultra Monkey News 2003-08-06-00 Ultra Monkey News 2003-12-08-00 Ultra Monkey News 2004-06-28-02 Ultra Monkey News 2004-06-26-01
Resolved In
  Kernel Vulnerable (2.4.22-ac1 ok)
  Patch http://developer.osdl.org/~chrisw/audit/2.4/proc_tty_serial.diff[offsite]
  Red Hat Linux 7.3
         Vendor kernel-2.4.20-19.7
         UltraMonkey kernel-2.4.20-19.7.um.1
  Red Hat Linux 8.0
         Vendor kernel-2.4.20-19.8
         UltraMonkey kernel-2.4.20-19.8.um.1
  Red Hat Linux 9
         Vendor kernel-kernel-2.4.20-19.9
         UltraMonkey kernel-2.4.20-19.9.um.1 (initial release)
  Fedora Core 1
         Vendor Not Vulnerable (>=2.4.22-ac1)
         UltraMonkey Not Vulnerable (>=2.4.22-ac1)
  Red Hat Enterprise Linux 3
         Vendor kernel-2.4.21-15.EL
         UltraMonkey kernel-2.4.21-15.0.2.EL.um.1
  Debian Woody
         Vendor kernel-source-2.4.18_2.4.18-11
         UltraMonkey kernel-source-2.4.22_2.4.22-1-ipvs_2.4.22-4woody.um.1
  Debian Sid
         Vendor kernel-2.4.21_2.4.21-4
         UltraMonkey kernel-source-2.4.22_2.4.22-1-ipvs_2.4.22-4.um.1
local data for debugging.
Information provided here is based on the information from the links above and is intended as a refereance only.

Copyright © 2000-2005, Horms
Last Updated: Sat, 04 Mar 2006 02:33:59 -0500

Debian is a registered trademark of Software in the Public Interest, Inc.
Red Hat, the Red Hat Shadowman logo and Fedora are registered trademarks of Red Hat, Inc.
Red Hat may also be refered to as RedHat on this site.
Linux is a registered trademark of Linus Torvalds.
All other trademarks are the property of their respective owners.