Slashdot Mirror

← Back to Stories (view on slashdot.org)

No ELF Vulnerability in 2.6 Kernel

Posted by Hemos on from the good-news-bear dept.

gaijincory writes "Greg KH, the co-maintainer of the 2.6 kernel has posted a comment on lwn.net confirming that there is indeed no such ELF vulnerability as spelled out by Paul Starzetz on isec. The bug was originally thought to be particularly nasty, allowing a malicious user to gain elevated privileges using a carefully crafted binary which would exploit the kernel's Executable and Linking Format. The bug's author confirmed that no one has been able to repro the exploit."

2 of 86 comments (clear)

  1. Hold on CowBoy by Anonymous Coward · · Score: -1, Offtopic

    Give us some time to read the earlier stories first. Why is H posting another story in less than 15 minutes ?

  2. How does this happen? by Anonymous Coward · · Score: -1, Offtopic

    Well, if the cable modem (router/gateway I assume) has a firewall, it will obviously block all invalid packets, and sometimes DoS attacks.
    Otherwise, all (I think) cable modems / routers will give away their IP, BUT they should all protect the users behind them, through natting or dhcp.
    But even then, the machine behind can be targeted using various techniques (one is to exploit the router itself).

    If you're not talking about a router, then yes, the IP of the Windows machine (like linux) is exposed which means anyone can run checks and such on services which are vulnerable.

    But then it really depends on how up-to-date your windows machine is. It's still highly unlikely that it'll be exploited, unless someone (clueless person) clicks on a link to activate a virus or such through an email, or activates a service for back-door entry.

    BTW, note that the jpeg flaw was fixed very quickly, and most machines weren't vulnerable anyway (such as mine).

    Windows XP is actually very stable, supporting multiple networked users (multi-user and multi-tasking), but lacks in that all accounts by default have admin privilege(!). And that is mostly the reason behind all the viruses, spyware and auto-spam-servers.

    Besides all that, since most Windows vulnerabilities aren't based on a kernel attack (unlike linux), but instead the services you have activated, you can simply disable the ones you don't need, and just be sensible about which applications you open through emails (hopefully none!).

    But even after all that, a user can come along and browse the web using IE and activate some activex component, or installs some other IE component or JScript which allows entry to the machine.

    If the user isn't using IE and isn't running a server (such as httpd), then it's quite unlikely that anything bad will happen. Unless someone specifically targets the machine and scans for all activated services, etc, and launches an attack against an un-patched vulnerability.

    I would be brave enough to state that a Win2k / WinXP / Win2003 is just as secure as UNIX / FreeBSD / OSX, if: -

    * The user using the machine doesn't have admin rights,
    * Windows and related networking software is kept up-to-date,
    * Doesn't use IE / related mail product.