Red Midnight and other readers brought to our attention a bug in most deployed versions of Linux that could result in untrusted users getting root access. The bug was found by Brad Spengler last month. "The null pointer dereference flaw was only fixed in... ...full story at slashdot
from slashdot on Wed, Nov 04 2009
see also:
| 03 Nov 09 |
  |
Bug in latest Linux gives untrusted users root access » the register (uk) Protections for some, but not all A software developer has uncovered a bug in most versions of Linux that could allow untrusted users to gain complete control over the open-source operating system.…Web threats: Why conventional protection doesn't work |
| 18 Jul 09 |
 |
New Linux Kernel Flaw Allows Null Pointer Exploits » slashdot Trailrunner7 writes "A new flaw in the latest release of the Linux kernel gives attackers the ability to exploit NULL pointer dereferences and bypass the protections of SELinux, AppArmor and the Linux Security Module. Brad Spengler discovered the... |
| 24 Jul 09 |
|
Critical Flaw Discovered In DD-WRT » slashdot MagicM writes "A critical flaw has been discovered in DD-WRT, a Linux based alternative open source firmware for WLAN routers such as the fan-favorite Linksys WRT54GL. The flaw can give an attacker instant root access to the router merely by embedding an... |
| 18 Nov 09 |
|
Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges » slashdot eqisow writes "The new default policy for Fedora 12 allows local, unprivileged users to install signed packages without root access. This change apparently went mostly unnoticed until after the Fedora 12 GA release, at which point it sparked a mailing... |
| 10 Feb 08 |
|
Linux Kernel 2.6 Local Root Exploit » slashdot aquatix writes "This local root exploit (Debian, Ubuntu) seems to work everywhere I try it, as long as it's a Linux kernel version 2.6.17 to 2.6.24.1. If you don't trust your users (which you shouldn't), better compile a new kernel without vmsplice." Here... |
china
thailand
japan
technology