Re: Recent Linux vulnerabilities

From: Michael Richardson (mcr@sandelman.ottawa.on.ca)
Date: Wed Jan 19 2005 - 19:44:32 EST

• Next message: BSK: "Re: priviledge escalation techniques"
• Previous message: jnf: "Re: priviledge escalation techniques"
• Maybe in reply to: Leonardo Eloy: "Recent Linux vulnerabilities"
• Next in thread: Leonardo Eloy: "Re: Recent Linux vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

-----BEGIN PGP SIGNED MESSAGE-----

First, many of those reports are 2.6 specific.
Many deployed systems are running 2.4, which does not have anywhere near
as many issues.

Second, "local exploits" mean you need to get a local user.
If you assume that, then you can assume a lot of other things too.

I wish that the site would actually link to the CVE report.

- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr/ www.xelerance.com/training/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQe7+74qHRg3pndX9AQFAiwQA4P0TRCIV4z0/C90h9Zs5DXBvd0Z+P2LH
r3A9XAjTUDahaEnIFMsM6IuYc1LjtbOR5bdzBQPBq7Gk8PhUixy5r8uHqRVL5Frd
QJMmF3ZLXUkBbYzNTSauSUZJXD9QWnuIdmO/EUlBQynrBWAwzPDyBoH6oz4y8kD7
mdq55Zpzky0=
=Nbix
-----END PGP SIGNATURE-----

• Next message: BSK: "Re: priviledge escalation techniques"
• Previous message: jnf: "Re: priviledge escalation techniques"
• Maybe in reply to: Leonardo Eloy: "Recent Linux vulnerabilities"
• Next in thread: Leonardo Eloy: "Re: Recent Linux vulnerabilities"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:14 EDT