All security websites are reporting that there is a script that will allow non-root users with ssh2 access to obtain full access to the system.
All our servers were patched this morning and restarted. According to Redhat bugzilla, it only affected servers running Redhat 5. Servers on Redhat 4 were not affected.
This is considered a very severe exploit.
If you have other servers and want to check if you’re vulnerable, do the following in shell:
grep -ri vmsplice /boot/System.map-$(uname -r)
if it returns nothing = not vulnerable
if it returns something like: c048fdf7 T sys_vmsplice = vulnerable
CTO / SEO Guru
Canadian Web Hosting