It's worth reporting that this does not appear to be remotely exploitable.
It's bad enough, but a user has to have shell access to trigger it.
In the scope of potential problems, it's bad, but a system locked up by a
user who already had access to the system isn't up there with the potential
army of remotely rooted Linux systems that some media headlines imply.
Not trying to downplay the problem, just put it in perspective - it still
needs to be patched.
Bill
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)