Slashdot Mirror

← Back to Stories (view on slashdot.org)

Critical Flaw Found In Backtrack Linux

Posted by samzenpus on from the protect-ya-neck dept.

chicksdaddy writes "Threatpost is reporting on a critical security flaw in the latest version of Backtrack Linux, a popular distribution that is used by security professionals for penetration testing. The previously undiscovered privilege escalation hole was discovered by a student taking part in an InfoSec Institute Ethical Hacking class, according to the post on the group's Web site. 'The student in our ethical hacking class that found the 0day was using backtrack and decided to fuzz the program, as well as look through the source code,' wrote Jack Koziol, the Security Program Manager at the InfoSec Institute. 'He found that he could overwrite config settings and gain a root shell.' An unofficial patch is available from InfoSec Institute. Koziol said that an official patch is being tested now and is expected shortly."

1 of 84 comments (clear)

  1. Re:root password is toor by Anonymous Coward · · Score: 0, Offtopic

    You think I give a damn about security? I ain't a sucka!

    Is that the autobiography,
    Of AC? Cuz if you ever fuck with me,
    You'll get pwned, by a drunken dope brotha with who will smotha,
    Got root on that muthafucka!
    Straight Outta Compton!

    Tired of the muthafuckin' hackin,
    Sweatin' my rig while I spider Imageshack, a nd
    DMCA-ing me, and for what?
    Maybe it's because I kick so much butt,
    ...I'm sorry, I'm too drunk to finish it, but Fuck UAC! F-F-F-fuck UAC! :)