[mdlug] Linux root exploit
Robert Adkins
radkins at impelind.com
Mon Feb 11 09:29:51 EST 2008
> -----Original Message-----
> From: mdlug-bounces at mdlug.org
> [mailto:mdlug-bounces at mdlug.org] On Behalf Of Clinton V. Weiss
> Sent: Sunday, February 10, 2008 9:48 PM
> To: MDLUG's Main discussion list
> Subject: Re: [mdlug] Linux root exploit
>
> On Sun, Feb 10, 2008 at 8:33 PM, Michael Corral <micorral at comcast.net>
> wrote:
>
> > This looks bad. Affects just about every distro:
> >
> > http://it.slashdot.org/it/08/02/10/2011257.shtml
> >
> > Better patch your machines, pronto!
> >
> > Michael
> >
>
>
> I fully agree that this vulnerability is a big deal. But the
> exploiter has to do a couple of things first:
>
> 1) Circumvent physical security measures and have local
> access to your machine, and be able to log in to the machine.
> 2) Circumvent network security measures and be able to log
> into your machine remotely.
>
> If #1 or #2 happens, then with or without this exploit you've
> got problems.
>
> Just an observation,
> Clinton
>
I agree.
While this is certainly an issue, this is hardly dangerous if there
is no way for a user to gain remote console or local access to a machine.
Still, once a patch is available, it is important to pop it into
place.
-Rob
More information about the mdlug
mailing list