This is quite interesting


    #31
    Re: This is quite interesting

    @Telengard

    My apologies for editing your thread. It wasn't intentional and I wasn't aware that I had clicked "Modify" instead of "Quote" (which I have accidentally done a couple times in the past), and then saved and went on to other topics.

    How could I have done that? Because I have a defect in the muscles of my left eye that causes a form of Strabismus, for which I have had two surgeries. The first was about 40 years ago and the second was ten years ago, after the effects of the first surgery wore off. I have noticed in the last couple years that my problem with image shifts has returned, especially when my eyes are tired.

    My eye problems have given me all kinds of grief and this is just another example.
    GG
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
    – John F. Kennedy, February 26, 1962.

    Comment


      #32
      Re: This is quite interesting

      Originally posted by GreyGeek
      @Telengard

      My apologies for editing your thread. It wasn't intentional and I wasn't aware that I had clicked "Modify" instead of "Quote" (which I have accidentally done a couple times in the past), and then saved and went on to other topics.

      How could I have done that? Because I have a defect in the muscles of my left eye that causes a form of Strabismus, for which I have had two surgeries. The first was about 40 years ago and the second was ten years ago, after the effects of the first surgery wore off. I have noticed in the last couple years that my problem with image shifts has returned, especially when my eyes are tired.

      My eye problems have given me all kinds of grief and this is just another example.
      GG
      Smells like backpedaling to me. You edited his post and didn't notice because you were cross eyed? So you don't look at your post after you submit it?

      I'm not buying it.
      Don't blame me for being smarter than you, that's your parent's fault.

      Comment


        #33
        Re: This is quite interesting

        Originally posted by zlow
        Originally posted by GreyGeek
        I run Firefox 3.6.6.

        The only problem I have with it is that on occasions, when I click a link, it refuses to activate. I can click the link repeatedly with no effect. If I right-mouse and choose "Open in a New Tab" the link immediately opens.

        As far as the vulnerabilities of Firefox are concerned, UNLIKE Windows, an attacking program MUST save the proper code (ELF binary or bash script) to a file before it can be executed because ONLY FILES are executed in Linux, which is one reason why email malware attachments are ineffective in Linux.
        huh, what? All you need is an unchecked buffer to overflow and execute code on Linux just as with Windows. Email malware attachments could be a problem in Linux too.

        Originally posted by GreyGeek
        Secondly, the saved file MUST be marked as executable. Only then can it be executed.
        This isn't true, it could be hooked through a script executed with 'bash script' or an executable that is executed by ld-linux.

        For example, I just executed gedit on my PC here at work after removing the execute bit.

        Code:
        cp /usr/bin/gedit ~
        chmod -x ~/gedit
        cd
        /lib64/ld-linux-x86-64.so.2 ./gedit
        How did I know that I could use ld-linux-x86-64.so.2 to execute it? Simple.

        Code:
        ~ $ strings gedit | head -n 1
        /lib64/ld-linux-x86-64.so.2
        It is easy enough to do anything you wish on a Linux box IF you have physical access to it, as opposed to trying to do something remotely or by putative security holes.

        Originally posted by GreyGeek
        Generally, the worst the exploit can do is erase your home account, or steal files from it. You do keep valuable personal information in encrypted files, don't you, and you do regular backups as well?
        Data theft is far worse than the destruction of a system, this could easily lead to theft of your identity. It is much easier to repair a computer than it is to fix your identity after it has been stolen.

        Originally posted by GreyGeek
        In 12 years of running Linux I have never met anyone who was running Linux and got infected or hacked. For the last two years I have been watching over more than a dozen elderly friends of mine and NONE of them have ever gotten a bug or hacker intrusion.
        Sure you do, perhaps just not face to face. I had a server that was hacked allowing entry through an exploit in BIND in 1999. After that I spent a lot of time learning about Linux security. How do you know that there isn't anything bad on your computer right now? Unless you have a deep understanding of security in software development and have gone through the source of every application and script line by line you can't know.
        No, I haven't, and Yes, you can, at least down to the hardware level. But, there is nothing anyone can do about microcode running in the firmware in the CPU, except not use a computer. Most computers are made in China now, aren't they? How safe does that make you feel, especially if China starts shooting at you and suddenly all your computers mysteriously die. How secure does that make you feel, despite all you know about security? Sometimes, even being "fully aware" of security is no help at all.

        At the software level Thompson demonstrated how he "injected a virus into a compiler." Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus. This kind of KenThompsonHack was discovered about a year ago in the Delphi compilers, versions 4 through 7.

        Ken wrote, "In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect."

        As the c2.com wiki continues, "Ken does not mean bug in the sense of error, but in the sense of listening device. And it is "almost" impossible to detect because "TheKenThompsonHack" easily propagates into the binaries of all the inspectors, debuggers, disassemblers, and dumpers a programmer would use to try to detect it. And defeats them. Unless you're coding in binary, or you're using tools compiled before the KTH was installed, you simply have no access to an uncompromised tool. In fact, given the amenability of microcode to the KTH, not even then."


        But, we are discussing the level of insecurity created at the application level by mere mortals. I know of more folks running Linux than just those whose installations I support. I am "face-to-face" with hundreds of Linux users in various forums, blogs, lists, etc... daily. Like most Linux enthusiasts I keep current on Linux news, especially news of Linux holes. It's not hard to do. Compromises of Linux machines are so UNCOMMON that even a one-off event, like the occasional tar ball replacement on some poorly administered back-water project server, makes headlines precisely because such events are so uncommon. The possibility of hacked code making it past the gate keepers into Kubuntu's repository or the PPA's, for example, is even more unlikely. The hacker would have to crack and modify the signature encryption, which is itself protected, to do so.

        IF Linux boxes were as susceptible as Windows fanbois would have us believe I would have to ask "Where is the beef?". Where are the masses of Linux boxes that have been infected in droves from drive-by web shootings, ssh attacks, or infected email attachments, or infected *.desktop files? Even one such massive event would make the headlines in Microsoft's "Highly Reliable Times", to say nothing of ZDNet, eWeek or PCMag. IF the only reason why Linux isn't as infected as Windows is merely one of market share then, since the Linux desktop market share is over 10% (according to Steve Ballmer), one would expect that there should be AT LEAST 200,000 active Linux viruses and Trojans floating around the Internet during the last year alone! In fact, the number of effective Linux exploits found in the wild over the last 15 years is around a dozen or so. By "effective" I mean a malware which is "not easily removed", more potent than "weak" and found on more than "two or fewer sites". The most massive Linux infection was caused around 2002 by a form of the Slapper virus which infected around 25,000 computers over a two week period in Eastern Europe which were running bootleg copies of a commercial Linux which mimicked Windows so thoroughly that users were installed and running as root. It was during a time when CodeRed infected over 1M Windows boxes in 24 hours. Yes, I know that Symantec has several hundred Linux infective agents listed, but if you drill down on most of those you will find that they are "cross platform" Windows jpeg viruses which have long existed but recently had "linux" added to their names. That switch took place around 2005.

        The largest Linux botnet ever found was discovered last fall. It had a total of 770 Linux zombies in it and it took the hackers about 180 days of manually breaking into and capturing Linux boxes to create it. The first one found, during the same period, was only 100 bots, and it was created using "The Slow Brutes" weak password dictionary attack over a period of several months, from April to October. IF breaking into Linux boxes is so easy, or as easy as breaking into Windows boxes, why does it take so long to create so few zombies? Because it is NOT easy. And, because MOST Linux users don't have to pay for (and thus neglect to keep current) their "AV" protection. Updates and security patches are free and automatic downloads and installations, so the vast majority of Linux holes are fixed within hours, or a couple days at most. Security holes have been found in about every component of Linux, from the kernel to the C compiler to the least significant app. My Windows installations had security updates automatically delivered. It isn't about the holes, it is about how quickly they are discovered, patched and installations updated.

        The average Windows bot farm contains 20,000 Windows boxes. The largest Windows bot farm contained over 1,200,000 zombies. Even Windows boxes with up to date AV subscriptions are susceptible because of the time lag between the release of a virus or Trojan, its discovery by a security team, the announcement by Microsoft of the hole, the creation of a vaccine, and the dissemination of that DAT file to the AV subscribers. The LARGEST time gap in that sequence of events is between the time the bug is reported to Microsoft and the time Microsoft announces the bug and patch. Some holes are never announced and never patched.

        I am running a standard Kubuntu 10.4 installation with no special security enhancements. Here is my IP address: 24.223.246.44. You have my permission to have a go at it. If, as you claim, a Linux desktop is as weak and easy as Windows is, it should be easy for you.
        "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
        – John F. Kennedy, February 26, 1962.

        Comment
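Added example, not part of any post in this thread: the loader demonstration quoted in post #33 found the interpreter with `strings gedit | head -n 1`; the Python sketch below reads it from the ELF program headers (PT_INTERP) or from a `#!` line instead, and reports it next to the file's execute bit. The sample ELF image is constructed in memory, and all function names are this example's own.

```python
import os
import stat
import struct
import tempfile

PT_INTERP = 3  # program header type that names the dynamic loader


def elf_interpreter(data):
    """Return the PT_INTERP path of an ELF image, or None (static or not ELF)."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        return None
    is64 = data[4] == 2                      # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"       # EI_DATA: 1 = little-endian
    if is64:
        hdr_fmt, ph_fmt = end + "HHIQQQIHHHHHH", end + "IIQQQQQQ"
    else:
        hdr_fmt, ph_fmt = end + "HHIIIIIHHHHHH", end + "IIIIIIII"
    if len(data) < 16 + struct.calcsize(hdr_fmt):
        return None                          # truncated ELF header
    hdr = struct.unpack_from(hdr_fmt, data, 16)
    e_phoff, e_phentsize, e_phnum = hdr[4], hdr[8], hdr[9]
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + struct.calcsize(ph_fmt) > len(data):
            return None                      # program header table runs off the file
        ph = struct.unpack_from(ph_fmt, data, off)
        # Field order differs between the 32-bit and 64-bit program header.
        p_offset, p_filesz = (ph[2], ph[5]) if is64 else (ph[1], ph[4])
        if ph[0] == PT_INTERP:
            raw = data[p_offset:p_offset + p_filesz]
            return raw.split(b"\0", 1)[0].decode("ascii", "replace")
    return None


def shebang_interpreter(data):
    """Return the interpreter named on a '#!' first line, or None."""
    if not data.startswith(b"#!"):
        return None
    line = data[2:].split(b"\n", 1)[0].strip()
    return line.split()[0].decode("ascii", "replace") if line else None


def build_sample_elf(interp=b"/lib64/ld-linux-x86-64.so.2"):
    """Constructed sample: minimal 64-bit little-endian ELF with one PT_INTERP."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    phoff, phentsize = 64, 56
    blob = interp + b"\0"
    ehdr = struct.pack("<HHIQQQIHHHHHH",
                       3, 62, 1, 0, phoff, 0, 0, 64, phentsize, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ",
                       PT_INTERP, 4, phoff + phentsize, 0, 0,
                       len(blob), len(blob), 1)
    return ident + ehdr + phdr + blob


def report(path):
    """Execute bit and embedded interpreter of one file, side by side."""
    mode = os.stat(path).st_mode
    with open(path, "rb") as fh:
        data = fh.read()
    return {
        "exec_bit": bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)),
        "interpreter": elf_interpreter(data) or shebang_interpreter(data),
    }


def demo():
    """Write the constructed sample with mode 0644 and report on it."""
    tmp = tempfile.NamedTemporaryFile(delete=False)
    try:
        tmp.write(build_sample_elf())
        tmp.close()
        os.chmod(tmp.name, 0o644)            # same state as after `chmod -x`
        return report(tmp.name)
    finally:
        os.unlink(tmp.name)


if __name__ == "__main__":
    print(demo())
```

The execute bit is checked by execve() on the file being launched, so a file with the bit cleared still carries its interpreter path unchanged; the two fields in the report are independent of each other.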


          #34
          Re: This is quite interesting

          Originally posted by zlow
          .....
          I'm not buying it.
          I'm not selling it.

          Previewing usually doesn't show all the post in one window and doesn't highlight the quotes in different colored background, nor does it show the buttons and most other header information.

          Eight months ago:
          http://kubuntuforums.net/forums/inde...5706#msg205706

          I made a simple mistake. What advantage would it be to me to modify someone else's post?
          Why all the hostility?
          "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
          – John F. Kennedy, February 26, 1962.

          Comment


            #35
            Re: This is quite interesting

            Originally posted by GreyGeek
            @Telengard

            My apologies for editing your thread. It wasn't intentional and I wasn't aware that I had clicked "Modify" instead of "Quote" (which I have accidentally done a couple times in the past), and then saved and went on to other topics.
            I accept your apology and sincerely hope that this unfortunate incident has not damaged the good will between users I've come to expect here at KFN.

            I too suffer from the symptoms of age and injury in that my hands tremble to such a degree that I sometimes click accidentally where I should not. Please accept condolences for your health problems. My unprofessional advice to you is to avoid stimulants, take daily exercise and get plenty of rest. Walk away from the terminal and rest your eyes. You need to take better care of yourself at your age.

            @everyone
            I have done my best to clean up the thread so that it does not go off topic, but I can not edit other users' posts. I would appreciate it very much if all discussion of the post editing incident be dropped from the thread. It seems very clear to me that GreyGeek made an honest mistake by clicking the wrong button. I have accepted his apology and explanation, so please let's have no further ill will over this unfortunate accident.

            I offer my humble apology to all readers of this thread because it became so messy. My sincere wish is that discussion will continue productively without diverging further from the original topic.

            Telengard
            Welcome newbies!
            Verify the ISO
            Kubuntu's documentation

            Comment


              #36
              Re: This is quite interesting

              Originally posted by GreyGeek
              Originally posted by zlow
              .....
              I'm not buying it.
              I'm not selling it.

              Previewing usually doesn't show all the post in one window and doesn't highlight the quotes in different colored background, nor does it show the buttons and most other header information.

              Eight months ago:
              http://kubuntuforums.net/forums/inde...5706#msg205706

              I made a simple mistake. What advantage would it be to me to modify someone else's post?
              Why all the hostility?
              There is no hostility, I just know that you will do anything to fluff yourself up. Bend the truth, edit someone else's post, whatever. You got caught and to cover your rear you played the old card. Forgive me for being skeptical, but I have seen your work here in the forum and don't for a second think that you did it by "accident".
              Don't blame me for being smarter than you, that's your parent's fault.

              Comment


                #37
                Re: This is quite interesting

                Originally posted by GreyGeek
                It is easy enough to do anything you wish on a Linux box IF you have physical access to it, as opposed to trying to do something remotely or by putative security holes.
                In some cases, yes you (or your code) needs "physical" access. This can be gained many ways including remotely if you can find a way to remotely overflow memory and pass a binary to execute. This wasn't your argument though, your argument was that your code needed to be executable which I have proven false.

                Originally posted by GreyGeek
                No, I haven't, and Yes, you can, at least down to the hardware level. But, there is nothing anyone can do about microcode running in the firmware in the CPU, except not use a computer. Most computers are made in China now, aren't they? How safe does that make you feel, especially if China starts shooting at you and suddenly all your computers mysteriously die. How secure does that make you feel, despite all you know about security? Sometimes, even being "fully aware" of security is no help at all.
                I just gave you an example, why did you choose to ignore it? I didn't say anything about firmware, are you deflecting or do you not understand what I said? You make a great point about China and cyber terrorism, however it is unrelated to the topic you are replying to. Being aware of security does make you aware of things such as this. In fact, I am aware of some un-named entities that do not use equipment from China for this very reason.

                Originally posted by GreyGeek
                At the software level Thompson demonstrated how he "injected a virus into a compiler." Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus. This kind of KenThompsonHack was discovered about a year ago in the Delphi compilers, versions 4 through 7.

                Ken wrote, "In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect."

                As the c2.com wiki continues, "Ken does not mean bug in the sense of error, but in the sense of listening device. And it is "almost" impossible to detect because "TheKenThompsonHack" easily propagates into the binaries of all the inspectors, debuggers, disassemblers, and dumpers a programmer would use to try to detect it. And defeats them. Unless you're coding in binary, or you're using tools compiled before the KTH was installed, you simply have no access to an uncompromised tool. In fact, given the amenability of microcode to the KTH, not even then."
                Thank you for making my point for me.

                Originally posted by GreyGeek
                But, we are discussing the level of insecurity created at the application level by mere mortals. I know of more folks running Linux than just those whose installations I support. I am "face-to-face" with hundreds of Linux users in various forums, blogs, lists, etc... daily. Like most Linux enthusiasts I keep current on Linux news, especially news of Linux holes. It's not hard to do. Compromises of Linux machines are so UNCOMMON that even a one-off event, like the occasional tar ball replacement on some poorly administered back-water project server, makes headlines precisely because such events are so uncommon. The possibility of hacked code making it past the gate keepers into Kubuntu's repository or the PPA's, for example, is even more unlikely. The hacker would have to crack and modify the signature encryption, which is itself protected, to do so.
                What is your source for Linux "holes" then? I have a few you obviously aren't following.

                Let me share a couple of examples:
                Code:
                2010-07-08	Ubuntu PAM MOTD File Tampering (Privilege Escalation)
                2010-07-05	linux/x86 polymorphic Drop suid shell root /tmp/.hiddenshell 161 bytes
                2010-07-05	linux/x86 bind sh@64533 97 bytes
                2010-07-05	linux/x86 lynx polymorphic shellcode 84 bytes
                2010-07-05	linux/x86 setreuid(0,0) execve("/bin/sh",NULL,NULL) encoded 62 bytes
                2010-07-05	linux/x86 /proc/sys/kernel/randomize_va_space SUB encoded 111 bytes
                2010-07-05	linux/x86 bind port to 6678 XOR encoded polymorphic shellcode 125 bytes
                2010-07-05	linux/x86 nc -lp 31337 -e /bin/sh polymorphic shellcode 91 bytes
                Note that those are all published exploits so I won't link you to them, you understand I'm sure.

                Originally posted by GreyGeek
                IF Linux boxes were as susceptible as Windows fanbois would have us believe I would have to ask "Where is the beef?". Where are the masses of Linux boxes that have been infected in droves from
                Are you seriously going to bring up Microsoft yet again?

                Originally posted by GreyGeek
                drive-by web shootings, ssh attacks, or infected email attachments, or infected *.desktop files? Even one such massive event would make the headlines in Microsoft's "Highly Reliable Times", to say nothing of ZDNet, eWeek or PCMag.
                So you imply that just because it isn't happening in the public eye we should pretend that it can't or isn't possible. Let's set the root password to blank and open root to SSH while we are at it. The last active backdoor found in published code existed for over 1/2 a year before it was stumbled upon. I am pretty sure that it is not the only one that exists today.

                Originally posted by GreyGeek
                IF the only reason why Linux isn't as infected as Windows is merely one of market share then, since the Linux desktop market share is over 10% (according to Steve Ballmer), one
                I have already debunked this fabrication.

                Originally posted by GreyGeek
                would expect that there should be AT LEAST 200,000 active Linux viruses and Trojans floating around the Internet during the last year alone! In fact, the number of effective Linux exploits found in the wild over the last 15 years is around a dozen or so. By "effective" I mean a malware which is "easily removed", more potent than "weak" and found on more than "two or fewer sites". The most massive Linux infection was caused around 2002 by a form of the Slapper virus which infected around 25,000 computers over a two week period in Eastern Europe which were running bootleg copies of a commercial Linux which mimicked Windows so thoroughly that users were installed and running as root. It was during a time when CodeRed infected over 1M Windows boxes in 24 hours. Yes, I know that Symantec has several hundred Linux infective agents listed, but if you drill down on most of those you will find that they are "cross platform" Windows jpeg viruses which have long existed but recently had "linux" added to their names. That switch took place around 2005.
                Why would there be 200,000? I don't think there are enough Windows users that care about Linux enough to learn how to exploit it honestly. Your commentary though gives several examples of the drooling I hate Microsoft mentality that leads to development of viruses for that platform. I love how you quote the number of Linux exploits as around 12 over the last 15 years. I count almost that many just this month.

                Originally posted by GreyGeek
                The largest Linux botnet ever found was discovered last fall. It had a total of 770 Linux zombies in it and it took the hackers about 180 days of manually breaking into and capturing Linux boxes to create it.
                The keyword here is "discovered". Are you implying that we shouldn't take steps to help reduce the risk? Do you even understand risk?

                Originally posted by GreyGeek
                The first one found, during the same period, was only 100 bots, and it was created using "The Slow Brutes" weak password dictionary attack over a period of several months, from April to October. IF breaking into Linux boxes is so easy, or as easy as breaking into Windows boxes, why does it take so long to create so few zombies? Because it is NOT easy.
                I never said it was easy, I only said it was possible. Here you are bending my words to try to prove your point again.

                Originally posted by GreyGeek
                And, because MOST Linux users don't have to pay for (and thus neglect to keep current) their "AV" protection. Updates and security patches are free and automatic downloads and installations, so the vast majority of Linux holes are fixed within hours, or a couple days at most. Security holes have been found in about every component of Linux, from the kernel to the C compiler to the least significant app. My Windows installations had security updates automatically delivered. It isn't about the holes, it is about how quickly they are discovered, patched and installations updated.
                This is a pretty good point, when discovered they are fixed quickly. How many remain underground? You don't see the big picture. You refuse to let go of your stigma that Linux can't be attacked even though it isn't true. You are doing a great disservice as a moderator posting this nonsense.

                Originally posted by GreyGeek
                The average Windows bot farm contains 20,000 Windows boxes. The largest Windows bot farm contained over 1,200,000 zombies. Even Windows boxes with up to date AV subscriptions are susceptible because of the time lag between the release of a virus or Trojan, its discovery by a security team, the announcement by Microsoft of the hole, the creation of a vaccine, and the dissemination of that DAT file to the AV subscribers. The LARGEST time gap in that sequence of events is between the time the bug is reported to Microsoft and the time Microsoft announces the bug and patch. Some holes are never announced and never patched.
                Who cares about how many viruses Windows has, this isn't a thread about OMG M$ HAS VIRII!!!1!. You have the same problem with Linux, some holes are never announced (because they are unknown to the maintainers) and never patched (saved for exploitation by people that would use it for personal gain).

                Originally posted by GreyGeek
                I am running a standard Kubuntu 10.4 installation with no special security enhancements. Here is my IP address: 24.223.246.44. You have my permission to have a go at it. If, as you claim, a Linux desktop is as weak and easy as Windows is, it should be easy for you.
                I have no interest in connecting to your computer. I never said anything was as weak or easy as Windows, your imagination did.
                Don't blame me for being smarter than you, that's your parent's fault.

                Comment


                  #38
                  Re: This is quite interesting

                  zlow: Linux users preaching "I am safe, you are safe" are just idiots with no understanding of risk or security.
                  Well, you got two out of three. In my case I am quite sure that I am safe. Yes, I am an idiot. But it is likely that you are not safe.

                  I don't know what people keep on their computers that could be stolen, that's pretty strange to me. I suppose there is stuff like credit card information, but in my opinion that isn't something you should be putting in a place like that anyway.

                  Telengard: A related thread in another forum shows that I'm not the only user who thinks Firefox updates should be provided more promptly for non-EOL releases.
                  Again, I think there is a cultural component here. I fully respect that people like to do things their own way. In fact I wish more people would do so. This whole thread would likely not even be possible if that was the case. So, I disagree with frequent updates. I have experienced a lot of degradation of programs and operating systems which has occurred because of updates. I could make a real rant out of that. It is only my belief in FOSS that lets me tolerate it. In fact my FF is really irritatingly unstable since the last "upgrade".

                  This house always has at least 5 machines online 24/7 and vulnerabilities have never affected us. I'm sure that a lot of security conscious people wish that I would have a problem, but I apologise - I don't. Particularly interesting in this regard is that one of the online machines is running MS-DOS. The three files that make up the OS have not been updated since 1994 and that is the machine on which I would put credit card information should I want to keep that on a computer.

                  Comment


                    #39
                    Re: This is quite interesting

                    MMM... I wouldn't because their vulnerabilities would be well known for a hacker or cracker due to the fact that they could start hacking computers that just had MSDOS installed on them.
                    Multibooting: Kubuntu Noble 24.04
                    Before: Jammy 22.04, Focal 20.04, Precise 12.04 Xenial 16.04 and Bionic 18.04
                    Win XP, 7 & 10 sadly
                    Using Linux since June, 2008

                    Comment


                      #40
                      Re: This is quite interesting

                      Originally posted by kyonides
                      MMM... I wouldn't because their vulnerabilities would be well known for a hacker or cracker due to the fact that they could start hacking computers that just had MSDOS installed on them.
                      Hehe, well that's the point. There are no known "vulnerabilities". There are only three small files and the rest is user space. However, in this case it's not really a matter of obscurity but networking style. Like I hinted at earlier, I think a lot of security problems are really cultural.

                      Comment


                        #41
                        Re: This is quite interesting

                        MSDOS 6.22, released in 1983, IIRC, is a nice DOS.

                        But, it has two problems that plagued me.
                        One is the random nature of the xcopy bug, when it fails to identify a file as a file or a directory as a directory. Many have been the times that I have started a batch backup process before I go home for the day, only to come in the next morning and find that 5 minutes after it started it threw up a screen asking for user input to tell it if the name it is displaying is either a file or a directory. I have to cancel the backup because I couldn't ask dozens of people to close down their applications and wait for 45 minutes while the backup completes.
                        The second is the job scheduler. It randomly failed to start the backup job when it was supposed to. Eventually I replaced both with 3rd party tools which worked.

                        Other than that it was great. Not as great as DRDOS, but great.
                        "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                        – John F. Kennedy, February 26, 1962.

                        Comment


                          #42
                          Re: This is quite interesting

                          Yes, many people say DRDOS is better. Regarding things like xcopy, I'd have to go looking for that on some old disks. I have long since discarded any of the utilities. I don't think anyone ever "installed" DOS as an MS OS - I certainly haven't. It's all mv, cp, xgrep, mvdir, and TSRs around here. (Half of simtel lives here. lol) Over the years I've just collected what I think is better (smaller, faster) until MS only occupies the two kernel files and shell. The rest of the stuff was just a sales pitch anyway. Though I must say that I still like the MS mem command best for what it does. What's important is that it is user driven and "it don't run if you don't type it". Though I must say that not having to look at the screen is a big plus too and that, of course, is why there is still a lot of blind people using it. Anyway, another big reason is just pure ego - it's a hot-rod, and I'm in control. (blush)

                          PS: Here is a profile of my main machine which is called ANA.

                          Comment


                            #43
                            Re: This is quite interesting

                            @GreyGeek - Do you remember that MOTD exploit I mentioned yesterday? I know you didn't reply, it's easier to ignore that you are wrong that way.

                            "Ubuntu closes root hole

                            A flaw in the module pam_motd (message of the day), which displays the daily motto and other information after login (to the shell), can be exploited under Ubuntu to expand access rights. Attackers can exploit this vulnerability to gain root access. Ubuntu has already provided a patch for the flaw. Operators of multi-users systems should install it as soon as possible because directions are already in circulation via Twitter on how to exploit the flaw to get access rights to the password file /etc/shadow. The file can then not only be read, but changed."

                            Source: The H

                            Just thought you should know, because you were wrong. Once again.
                            Don't blame me for being smarter than you, that's your parent's fault.

                            Comment


                              #44
                              Re: This is quite interesting

                              I'm just curious. Who got hit by this?

                              Comment


                                #45
                                Re: This is quite interesting

                                Originally posted by Ole Juul
                                I'm just curious. Who got hit by this?
                                I have no idea, hopefully no-one. It would require some other exploit to gain access, either a remote exploit (I don't know of any) or local like what we found in the gnome screensaver package on gnome-look last year.

                                The danger here though is that it could easily be encoded into an existing script, posted to a forum to be downloaded and executed as a user without root permission and it can elevate itself to root or any other account on the system.
                                Don't blame me for being smarter than you, that's your parent's fault.

                                Comment
