Ian Murray wrote:
> Is this issue only exploitable locally, or can it be done remotely?
You need to be logged in. So I would say only locally. But I guess it
would be possible to use for example a firefox security hole (if there
is one) and run as "local" firefox user the exploit.
Urs
>
> Thanks
>
>
>
> ----- Original Message ----
>> From: Urs Beyerle <[log in to unmask]>
>> To: Stephan Wiesand <[log in to unmask]>
>> Cc: Dr Andrew C Aitchison <[log in to unmask]>; "[log in to unmask]" <[log in to unmask]>; Gasser Marc <[log in to unmask]>
>> Sent: Friday, 14 August, 2009 14:00:13
>> Subject: Re: kernel security
>>
>> Urs Beyerle wrote:
>>> Try to unload and remove the following kernel modules:
>>>
>>> ipx.ko
>>> irda.ko
>>> x25.ko
>>> ax25.ko
>>> bluetooth.ko
>>> sctp.ko
>>> pppoe.ko
>>> pppox.ko
>>>
>> and
>>
>> appletalk.ko
>>
>> if you have it.
>>
>>
>> Urs