Linux kernel vulnerability found

Ziff Davis reports that researchers have uncovered a serious vulnerability in the Linux kernel that could allow an attacker to gain root access to a vulnerable machine and take control of it. The report says an unknown cracker recently used this weakness to compromise several of the Debian Project`s servers.

Because the flaw is in the Linux kernel, the problem affects virtually every distribution of the operating system and several vendors have confirmed that their products are vulnerable. The vulnerability is in all releases of the kernel from version 2.4.0 through 2.5.69, but has been fixed in releases 2.4.23-pre7 and 2.6.0-test6.

RedHat and the Debian Project have released advisories warning customers of the issue and providing information on fixes. Products from other vendors, including MandrakeSoft SA, SuSE Linux AG and Caldera International, are also vulnerable.

The Inquirer reports that RedHat has launched an academy in the UK to allow schools, colleges and universities to teach an academic version of the RedHat Certified Engineer training and certification.

The scheme allows educators to deliver courses and administer the RedHat Certified Technician exam. The certificates will count as a genuine RedHat qualification in subjects such as system administration, network engineering, C or C++ programming, databases, Web development, PC repair and forensic computing.

San Francisco-based research firm Ferris Research says there is more money to be made fighting spam than even spammers can make. Techweb.com reports that Ferris Research estimates revenue for vendors selling anti-spam products will reach approximately $130 million this year and soar by 200% in 2004 to around $360 million.

At the same time, the research company expects spammers to make profits of between $20 million and $30 million this year.