[go: up one dir, main page]
|
|
Log in / Subscribe / Register

A story of three kernel vulnerabilities

A story of three kernel vulnerabilities

Posted Feb 20, 2013 10:30 UTC (Wed) by renox (guest, #23785)
In reply to: A story of three kernel vulnerabilities by Trou.fr
Parent article: A story of three kernel vulnerabilities

> I concur with spender's remark, the vulnerabilities could have been selected to underline a real problem with security and not just metrics with a DoS nobody will ever trigger (the ext4 one is a joke).

"could have been"? What about the HFS+ exploit?
As joey remarked above, it is a real issue..
By focusing on the ext4 DOS, you "forget" the other issue.

to post comments

A story of three kernel vulnerabilities

Posted Feb 20, 2013 13:52 UTC (Wed) by Trou.fr (subscriber, #26289) [Link] (3 responses)

well it's a "real" issue but it's nothing compared to others that have a wide security impact as in every script kiddie can pwn a webserver :
1) outdated CMS with remote code execution (mostly PHP)
2) easy execution of any executable
3) ready to use exploit that works reliably as unprivileged user

The HFS+ vuln is not exploitable in that case. While it can be used for "physical" attacks like the USB key, it is not usable remotely.

_Thousands_ of servers have been compromised with that scenario :
1) vulnerable webapp
2) escalation to root using kernel vulnerability (or poor sysadmin)
3) ssh backdoor to collect passwords
4) compromise other hosts, goto 3
5) use compromised servers as DDoS platforms, proxy, whatever...

A story of three kernel vulnerabilities

Posted Feb 20, 2013 16:24 UTC (Wed) by bfields (subscriber, #19510) [Link] (2 responses)

In the late eighties/early nineties I seem to recall infected floppy disks were the main (or at least a very common) vector for virus transmission.

If people don't exchange data on usb keys as much as they used to on floppies, perhaps that wouldn't be as effective these days.

A story of three kernel vulnerabilities

Posted Feb 20, 2013 23:59 UTC (Wed) by andrel (guest, #5166) [Link] (1 responses)

Supposedly Stuxnet was transmitted using a USB key.

A story of three kernel vulnerabilities

Posted Feb 21, 2013 11:55 UTC (Thu) by Trou.fr (subscriber, #26289) [Link]

Stuxnet used a vulnerability in the Windows shell (the so-called LNK vulnerability), not in the filesystem code.

As for floppies, viruses spread mostly by running infected executables, not using vulns.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds