Penetration Testing mailing list archives
Re: Recent Linux vulnerabilities
From: Leonardo Eloy <leonardo () morphus com br>
Date: Thu, 20 Jan 2005 10:38:25 -0300
Rainer Duffner escreveu:
You're right, but some of the issues I related are vulnerable in both kernel series.Michael Richardson wrote:-----BEGIN PGP SIGNED MESSAGE----- First, many of those reports are 2.6 specific. Many deployed systems are running 2.4, which does not have anywhere near as many issues.
Indeed. But even 2.4 has had more than enough bugs - though the situation with 2.6 is really disastrous, IMO.
I think both kernel series hasn't considered secure programming as on of the issues, when submitting patches. As Alan Cox said "/if you plot things like 'buffer overflow' 'structure passed to user space not cleaned' 'maths overflow check error' against time you'll see they show definite patterns with spikes decaying at different rates towards zero./" [http://kerneltrap.org/node/4570], but until we reach that point, we must be very careful with systems we deploy.
I'm glad my main servers run BSD ;-)
Oh god! :P
Though not all my customers have that "privilege".Second, "local exploits" mean you need to get a local user. If you assume that, then you can assume a lot of other things too.
That's my question! :)Have you guys been using more kernel-based method to gain superuser level or program-based exploits?
If all your PHP-apps are tight and secure, then yes. Unfortunately, this isn't the case. Dare I say phpBB ?Or look at other well-known PHP-projects - almost none of them can run in PHP-safemode and some have to tweak multiple php.ini-values to "a little bit less-secure" values.In combination, the results can be very bad. It's really becoming a nightmare. cheers, Rainer
-- Leonardo Eloy, LPIC-1, FCSE Analista de Segurança Morphus Tecnologia Fone/Fax: 85 3452.5733/5737 Móvel: 85 8802.6740 e-mail: leonardo () morphus com br site: http://www.morphus.com.br As informações existentes nessa mensagem e nos arquivos anexados são para uso restrito, sendo seu sigilo protegido por lei. Caso não seja destinatário, saiba que leitura, divulgação ou cópia são proibidas. Favor apagar as informações e notificar o remetente. O uso impróprio será tratado conforme as normas da empresa e a legislação em vigor. The information contained in this message and in the attached files are restricted, and its confidentiality protected by law. In case you are not the addressee, be aware that the reading, spreading and copy of this message is unauthorized. Please, delete this message and notify the sender. The improper use of this information will be treated according the company's internal rules and legal laws.
Current thread:
- Recent Linux vulnerabilities Leonardo Eloy (Jan 20)
- Re: Recent Linux vulnerabilities Michael Richardson (Jan 20)
- Message not available
- Re: Recent Linux vulnerabilities Leonardo Eloy (Jan 20)
- Message not available
- Re: Recent Linux vulnerabilities Michael Richardson (Jan 20)