There is a common thinking error in Linux professionals today - "security holes
are not really something to worry about - these "exploits" can't REALLY be
applied to threaten anyone - they are just reports of system updates".
Consider:
1) Do you trust your users? Any user account can deploy a root buffer overflow
script.
2) Do you have SSH open to the world, yet are not sure your passwords don't
appear in the dictionary attack lists to provide $badkitties a nice shell to
buffer overflow your root (setup a rootkit and pwn your servers)?
3) Are your system patches up to date or did you simply do what everyone does
and yum update at build?
http://www.milw0rm.com/exploits/5092 = Exploit script for obtaining root from
a shell against a CVE CentOs/RedHat vmsplice() system call in the 5 kernel.
Full Example/Description of the vmsplice (3 different buffer exploits)
Including Most recent patches:
https://bugzilla.redhat.com/show_bug.cgi?id=432251
Be afraid, be very afraid!
On Sarbanes-Oxley and PCI Compliant networks, ssh is not allowed without source
and destination controls.
Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis |
http://www.urbandictionary.com/define.php?term=obnosis (503)754-4452
_________________________________________________________________
Windows Live Hotmail now works up to 70% faster.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_faster_112008
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
