Valhalla Legends Forums Archive | General Discussion | Linux Exploit

AuthorMessageTime
crashtestdummy
http://linuxreviews.org/news/2004-06-11_kernel_crash/index.html

For any of you out there you may wanna patch. The exploit crashes 2.4 and 2.6 kernels. And it doesn't require root to run.
June 15, 2004, 6:50 AM
Mephisto
Down with Linux!
June 15, 2004, 7:19 AM
Thing
Mephisto, your insight truly is mind-numbing.

This vulerability should be considered Mild at best. This is not self replicating. The major vendors have already released patches. It is unlikely that a home user allows shell or ftp accounts on their machines. This vuln does not give elevated priveledges. Users on unpatched boxes would need to have brain damage to crash the box that they have an account on. Such activity is easily traceable and the offending user would have his pee-pee smacked.

Now, back to my mid-morning nap.
June 15, 2004, 11:41 AM
iago
[quote author=Thing link=board=2;threadid=7261;start=0#msg65353 date=1087299672]
Users on unpatched boxes would need to have brain damage to crash the box that they have an account on.[/quote]

hmm, I think I'm going to crash my own computer. Huk!
June 15, 2004, 12:09 PM
mynameistmp
This is a kernel vulnerability that traverses stable version releases. Perhaps it is not necessary for home users to run shell servers or ftp servers on their linux machines but who doesn't run atleast one of the two ? On the other side of this mild leaf, there is industry. If this is a bug that only strikes on a commercial level, it's not a serious problem. I trust you'll pick up on that last one.

Providing services on a professional level, upgrading the kernel on every system is a huge pain in the ass. You'll have to license or design a distribution method, and reboot every machine. Any kernel bug in a linux kernel stable release is considered very serious. Providing stable services while rebooting per/kernelrelease doesn't work.

There is however one saving grace for some of us that have to deal with this. It has been noted that grsecurity's PAX implementation doesn't prevent this problem. However, you can use grsec's ACL system as a form of prevention. So, if you have grsecurity (2.4.* , or 2.6.*) patches compiled with your kernel you save yourself a reboot/kernel install for now.
June 15, 2004, 8:42 PM
Mephisto
[quote author=Thing link=board=2;threadid=7261;start=0#msg65353 date=1087299672]
Mephisto, your insight truly is mind-numbing.
[/quote]

It was a joke out of bordrem. *shrug*
People should at least be able to detect sarcasm to an extent...
June 15, 2004, 8:50 PM
Tuberload
[quote author=Mephisto link=board=2;threadid=7261;start=0#msg65379 date=1087332614]
[quote author=Thing link=board=2;threadid=7261;start=0#msg65353 date=1087299672]
Mephisto, your insight truly is mind-numbing.
[/quote]

It was a joke out of bordrem. *shrug*
People should at least be able to detect sarcasm to an extent...
[/quote]

And others should humble themselves a little bit... *shrug*
June 15, 2004, 9:37 PM
hismajesty
[quote author=Mephisto link=board=2;threadid=7261;start=0#msg65379 date=1087332614]
[quote author=Thing link=board=2;threadid=7261;start=0#msg65353 date=1087299672]
Mephisto, your insight truly is mind-numbing.
[/quote]

It was a joke out of bordrem. *shrug*
People should at least be able to detect sarcasm to an extent...
[/quote]

Well you being the M$ zealot that you are it wasn't too clear.
June 16, 2004, 1:44 AM
Thing
Mephisto, allow me to enlighten you.
http://dictionary.reference.com/search?q=sarcasm
1. # A cutting, often ironic remark intended to wound.
2. # A form of wit that is marked by the use of sarcastic language and is intended to make its victim the butt of contempt or ridicule.

There was nothing witty or ironic in your statement "Down with Linux!" Quite the contrary, you sound like a religious or political zealot chanting a redundant phrase such as "Down with grapes!". Therfore, I took it as the bland remark that it was. My ripost "Mephisto, your insight truly is mind-numbing." was quite witty and fits the definition of sarcasm quite well. Please PM me with your mailing address so that I can send you a bill for your education.

-------------------------------------------------------

mynameistmp, have you considered scheduling updates via a cron job. SuSE makes it possible to update via http, ftp, smb, nfs, cd or dvd using online_update.
June 16, 2004, 2:47 AM
Mephisto
I guess I had a different idea of what the expression "Down with Linux!" was. But nontheless it was a joking around. Anyways, you don't have to be so technical about it or such a bitch. ;) Jesus, what are people in this world coming to...
June 16, 2004, 3:08 AM
iago
[quote author=Mephisto link=board=2;threadid=7261;start=0#msg65432 date=1087355304]
I guess I had a different idea of what the expression "Down with Linux!" was. But nontheless it was a joking around. Anyways, you don't have to be so technical about it or such a bitch. ;) Jesus, what are people in this world coming to...
[/quote]

Coming to? I've known Thing since you were like 8, and he's always been a bitch. That's why we love him so much! :)
June 16, 2004, 3:17 AM

Search