Linux Kernel Exploit Busily Rooting 64-Bit Machines
An anonymous reader writes "Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch."
Microsoft and their associated Windows shills are loving this. Fortunately, I'm not rich enough to afford 64bit hardware, but still this is not good...
If you want news from today, you have to come back tomorrow.
The Windows geeks obviously will want to paint this as a native Linux vulnerability that they don't have - and it is marginally true.
"Marginally true"??? What's that? Is it like marginally dead or perhaps marginally pregnant? Wait a second. That can't be true. Everyone knows Linux users don't get rooted ;-)
These posts express my own personal views, not those of my employer
she's won a dick in her mouth, balls on her chin, and a nice nice fat deuce on her tits.
Come on. RHEL sucks, and the only people using it are noobs and sysadmins that didn't have the balls to tell their managers "fuck you, I'm installing slackware".
CentOS is the same, but for cheap bastards.
Regardless, you don't need an "easy fix". No qualified sysadmin uses the stock kernel that came with the distro in any critical server. If there's a patch, you'll just apply it to your sources and recompile. Only desktop users and not-critical services should rely on distro's updates. If you are relying on your distribution's updates for critical fixes on any service even remotely important, you are either fucking nuts or absolutely incompetent.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
http://tinyurl.com/linuxbad. Reason for http://openbsd.org/ and http://freebsd.org./
Well, what kind of proprietary crap are you running? choose better software, it's still your fault.
WTF am I doing replying to an AC at 5 A.M on a Friday night?
Wow, I don't think "pretty much all" windows machines were ever infected with the same thing. Good thing Linux is sooooo much more secure. I mean other than the fact that no it isn't, people just don't target them. I think people got way too comfy and caused this dire situation.
Google's Super Secret Search Algorithm: SELECT @search_results FROM internet WHERE @search_results = 'good'
How badly can the /. moderation system be abused? I'm not sure. Please read the cousin post and the parent and decide for yourself whether the moderation system has been abused by me or somebody else.
If it's me, I can bear it.
Help stamp out iliturcy.
I would be a default Windows Server 2008 installation with all updates installed. Interested?
Yep, there is a very BIG difference between someone rooting your machine locally, or through the internet. If someone can root my box locally, I have much bigger worries to contend with, such as someone is in my house, where is my gun
As long as someone can't root my Linux 64 box through the internet, this is a non-issue.
Nothing to see here, please move along
"Suppose you were an idiot...and suppose you were a member of Congress...but I repeat myself." Mark Twain
Hah hah hah hah, you're a real cocker now. What part of *PENIS* do you not understand?
Your post was a troll and so is the reply. And so is this post. Faggot.