SCIENTIFIC-LINUX-USERS Archives

August 2009

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: kernel security
From:
Urs Beyerle <[log in to unmask]>
Reply To:
Urs Beyerle <[log in to unmask]>
Date:
Fri, 14 Aug 2009 15:37:54 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (45 lines) 
Ian Murray wrote:
> Is this issue only exploitable locally, or can it be done remotely?

You need to be logged in. So I would say only locally. But I guess it
would be possible to use for example a firefox security hole (if there
is one) and run as "local" firefox user the exploit.

    Urs




>
> Thanks
>
>
>
> ----- Original Message ----
>> From: Urs Beyerle <[log in to unmask]>
>> To: Stephan Wiesand <[log in to unmask]>
>> Cc: Dr Andrew C Aitchison <[log in to unmask]>; "[log in to unmask]" <[log in to unmask]>; Gasser Marc <[log in to unmask]>
>> Sent: Friday, 14 August, 2009 14:00:13
>> Subject: Re: kernel security
>>
>> Urs Beyerle wrote:
>>> Try to unload and remove the following kernel modules:
>>>
>>> ipx.ko
>>> irda.ko
>>> x25.ko
>>> ax25.ko
>>> bluetooth.ko
>>> sctp.ko
>>> pppoe.ko
>>> pppox.ko
>>>
>> and
>>
>> appletalk.ko
>>
>> if you have it.
>>
>>
>> Urs

ATOM RSS1 RSS2