Linux Local kernel vulnerability



SANS has a story on another local kernel vulnerability for linux. I’ve got to say that I typically haven’t looked as much at “local” vulnerabilities on this site as I have talked about remote vulnerabilities. Usually local vulnerabilities are flaws that allow a user that’s already logged into a system to escalate their user rights to control the system. So, IF you allow logins for various users, you definitely need to pay attention to local vulnerabilities.


This is essentially the same type of flaw that was used in the Debian development server compromise from what I can gather. A developer had a weak password and that was either broken or guessed (or discovered) by someone…. that “someone” logged in and found that there were some interesting possibilities to get greater access to the machine.

This vulnerability seems to be in the current kernel release, although SELinux seems to block the exploit – soooooo…. Linuxi that employ SELinux should be less at risk.

Related Posts

Blog Traffic Exchange Related Posts
  • Another critical IE vulnerability Say it ain't so.... yet another security vulnerability was discovered in Internet Explorer. Users are advised to use alternative browsers (firefox, opera, netscape.) At this point it doesn't look to be actively exploited, it can at least crash IE, but at worst allow a vulnerable system to be controlled remotely..........
  • System patching 0-days and ancient-day vulnerabilities There's a good article at Michael Sutton's Blog which points out something that really makes sense and I think many people are aware of, but with all the buzz that a new previously undisclosed vulnerability has, we forget. The point is this, there are plenty of machines online vulnerable to......
  • Linux Kernel ptrace local DoS vulnerability There's a local Denial of Service vulnerability in the linux kernel's ptrace function according to secunia.com. It reportedly is present in kernel's prior to 2.6.14.2 and is listed as a non-critical vulnerability. (However any security vulnerability should be treated seriously.) 2.6.14.2 is safe and fixes the vulnerability. The vuln was......
Blog Traffic Exchange Related Websites
  • Shopping at a Perfume Outlet Your local mall probably has at least one perfume outlet. You can find these stores sometimes in strip malls, kiosks and even online. But is it a good idea to shop at a perfume outlet, or are you getting an inferior product for the smaller price tag? A perfume outlet......
  • Investing Safely You want for your money to work for you and to grow, right? But taking risks makes you feel uneasy? So is there a way for you to invest more safely? Of course there is! There is a rule that is associated with investing that is ancient, and yet remains......
  • Linux Security, Then and Now A very interesting article by Keith Vanc at eSecurity Planet Linux is inherently not a secure operating system. The reason it's not secure is because Linux was based on the architectural design of UNIX, and the creators of UNIX didn't care about security – it was 1969 after all. "The first......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site