Linux Security Hole Found
Results 1 to 4 of 4

Thread: Linux Security Hole Found

  1. #1
    Banned
    Join Date
    Apr 2003
    Posts
    3,840

    Linux Security Hole Found

    Source: http://zdnet.com.com/2100-1105-993278.html

    Programmers disclosed a security hole this week in a part of the heart of the Linux operating system that could let users of a machine take it over even if they don't have privileges to do so.
    The vulnerability affects both the 2.2 and 2.4 series of Linux kernels, the core of the operating system, said Alan Cox, one of the key deputies of Linux founder Linus Torvalds in the programming community that collectively produces Linux. Those kernels are at the center of several Linux products released recently from companies such as Red Hat and SuSE.

    Cox submitted a patch to fix the problem Monday. Top Linux seller Red Hat posted a patch for the vulnerability on Monday.


    The problem could let "local" computer users--those with permission to log on to a machine--to gain "root" access and take complete control of the machine, Cox said. Such "local" vulnerabilities are considered less severe than "remote" ones that let attackers over a network take over a machine even if they don't have a basic user account on it.

    The problem affected the "ptrace" component of Linux, which is used to help find bugs in software.

    A recent spate of security problems have cropped up in several open-source programs. Earlier this week, programmers disclosed a vulnerability in the Samba package used to share files between Windows, Linux and Unix systems that could let attackers across a network take over a computer. And another problem in the Sendmail e-mail server software also led to the possibility of network-based attacks.

  2. #2
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,540

    Thumbs down remark!

    Sorry, this vulnerability was already posted on AO.
    see thread: Security hole found in Linux (posted 03-20-2003 12:55 AM)
    http://www.antionline.com/showthread...hreadid=241470


    A little howto for new ao'ers (I know there are excellent tutorials and howto's about this but people tend to skip them, not?)

    1) try to search the AO forums before posting, cause your question could already been answered or 'your post' could already been posted
    2) use meaningfull titles
    3) read the howto's and tutorials

    thx

    I know searching the AO forums can be a painfull experience and the search bot seems to look over things sometimes? Anyway there are many many questions coming back that are really working on the nerves of the 'older' (read long time AO players) senior members. Some very good posts or questions get lost in the meaningless and repeated asked things. That's one of the reasosn (IMHO) why some very contributing members are not posting anymore. Recently some senior asked, "how many seniors are still posting?" Well this could be a very good question.

    However, welcome on AO and I hope you will enjoy this website.





  3. #3
    Banned
    Join Date
    Apr 2003
    Posts
    3,840
    sorry...didnt see it

  4. #4
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,540

    ao faq

    No probz, it can happen to everyone, posts are made faster than you can follow, look at some people's post count

    My remark was a general remark to all people not common with some basic internet / AO attitude. It's part of the Netiquette
    It's worth a read:
    http://www.albion.com/netiquette/corerules.html
    http://www.fau.edu/netiquette/net/elec.html
    http://www.antionline.com/showthread...hreadid=235123

    Ennis explained it all in his exellent AO faq
    This is certainly worth to read:
    http://www.antionline.com/showthread...hreadid=235123

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides