xxkylexx

Well-Known Member
Apr 29, 2006
57
0
156
Hi guys,
I am currently running a CentOS 4.4 Final, cPanel box. It is using kernel 2.6.9-42.0.8.ELsmp . Is there any problems with this kernel, or should it be ok? Want to make sure it is not vulnerable.

Thanks,
Kyle
 

jayh38

Well-Known Member
Mar 3, 2006
1,213
0
166
2.6.9-42.0.8.ELsmp and 2.6.9-42.0.10.ELsmp seem fine for many weeks now
 

katmai

Well-Known Member
Mar 13, 2006
562
2
168
Brno, Czech Republic
2.6.10 kernels are exploitable by pretty many local exploits. careful if you wanna allow shell access, i would not run such a kernel version. don't tell me about centos backporting and stuff, simply not secure if you plan allowing shell access. it's a vanilla kernel, and can be broken easily and that's it.
 

xxkylexx

Well-Known Member
Apr 29, 2006
57
0
156
We do not allow shell access on our accounts. And isn't this 2.6.9, not 2.6.10?
 

katmai

Well-Known Member
Mar 13, 2006
562
2
168
Brno, Czech Republic
all you have to take into account is that if your applications/apache/php are not hardened enough, and someone gets shell access, they WILL root your box, witout question. but that is just in theory, because can't tell how well the security goes with everyone.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,462
25
473
Go on, have a guess
That's simply not true. RedHat do backport security fixes and update their kernels as soon as they're aware of any known exploits available for them. The root exploits you're referring to are the vanilla ones from kernel.org and they don't affect the latest ones from RedHat. All you need to do is to signup to the RedHat Errata mailing lists to follow such detail.
 

katmai

Well-Known Member
Mar 13, 2006
562
2
168
Brno, Czech Republic
chirpy. need demonstration ? there are at least 4 public exploits for the mentioned kernels.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,462
25
473
Go on, have a guess
I don't need a demonstration, just some facts. I'm quite prepared to believe you but you need to substantiate the claims with the relevant information. Can you please provide the 4 CVE numbers and the RedHat bugtraq entries that show that they're aware of the 4 local root exploits and that they are yet to be back-ported into their latest kernels, without both of those it's impossible to verify what you're claiming.
 

ezztro

Well-Known Member
Nov 11, 2003
148
0
166
Hi guys,
I am currently running a CentOS 4.4 Final, cPanel box. It is using kernel 2.6.9-42.0.8.ELsmp . Is there any problems with this kernel, or should it be ok? Want to make sure it is not vulnerable.

Thanks,
Kyle
After an update from 4.4 to 4.5 ( not 5.0 ) and Kernel 2.6.9-42.xxx i have some errors:

WARNING: Kernel Errors Present
microcode: Error in the microcode ...: 1 Time(s)
microcode: error! Bad data in mic ...: 1 Time(s)