Pwning Linux

Discussion in 'all things UNIX' started by Searching_ _ _, Mar 19, 2009.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    http://www.gnucitizen.org/blog/pwning-ubuntu-via-cups/

    http://www.securitytube.net/Bypassi...ulnerable-Application-with-ret2esp-video.aspx

    http://rawlab.mindcreations.com/

    http://lists.immunitysec.com/pipermail/dailydave/2007-March/004133.html
     
  2. Arup

    Arup Guest

    Good find, personally I have never liked the idea in FF of allowing 3rd party plugins. The Greasemonkey script was a disaster a while back.

    This hack on Linux shows that nothing is invulnerable to a determined human mind.
     
  3. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I google to see what was available for Linux exploits. I didn't know there were so many :)

    No where near the amount for Windows if a comparison were done.

    Since I've been tooling around on a LiveCD to get familiar with Linux, it has its advantages.
    Hardware support is much better than 2 years ago.
     
  4. tlu

    tlu Guest

    Already fixed in January, see http://www.ubuntu.com/usn/usn-707-1

    As for the other vulnerabilities, I haven't checked if they are really exploitable or if they have been fixed in the meantime.

    Nobody ever said that Linux has no vulnerabilities - any OS has. But they are usually fixed in the shortest time possible when detected - see the first example. So I'm not quite sure what you're trying to tell us.
     
  5. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Just info for interested people. I was personally curious and found some interesting info and thought I would share what I found. There is always talk about Windows exploit this or Windows exploit that. I wanted to see what was around for Linux.

    I know they fixed the cups thing, scrolling down at gnucitizen shows the updated info in the comments.

    @tlu

    Do you have any links to other exploits? I would be interested in reading about them.
     
  6. tlu

    tlu Guest

  7. lewmur

    lewmur Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    332
    To put it bluntly, that's BS. Posting about an exploit that you admit you knew had been fixed, isn't informative, it is exploiting FUD. It serves no purpose but to aid MS in their campaign to convince people, falsely, that Linux isn't a safer alternative.

    Others will probably give you "the benefit of the doubt," but personally, I don't believe your protestations that you are just trying to be "informative." I've seen this "wolf in sheep's clothing" act too many times.

    BTW, I'm happy to give you the ammunition to prove that Linux users are a bunch of meanies. Generally, they are a very helpful community. But I'm a "grumpy old man" that "doesn't suffer fools kindly."
     
    Last edited: Mar 20, 2009
  8. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Well considering Searching___ believes in invisible bios-proof rootkits, I can see the reason for liking to write about exploits. The truth is: preventing malware on Windows simple, preventing it on Linux is dead boring. No click, no trick.

    Too shame about the LB 2009 :)

    Mrk
     
  9. Arup

    Arup Guest

    I thought it was fixed already, I know for well that unlike MS or Mac, Linux won't hide vulnerabilities like this for ten years and then come out with an excuse.
     
  10. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    I wouldn't be so sure about that. You seem to be tolerating yourself quite well.
     
  11. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    @lewmur
    You trying to win me over?

    Thank you tlu for the links.

    @Markvonic
    You might believe that light travels in a straight line, but I wouldn't pick on you because of that.

    Challenging discussions are always profitable. I am going to have to look up FUD.
     
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,699
    Hello,

    Searching___ ... after 5,000 posts, I guest the extra A in Mrk should obviously be avoided :)

    As to light, straight line - I'm a physicist, I know it ain't going in straight line. It gets pretty cool proving that with S integrals in Analytical Mechanics or by writing down a few Lagrangians to prove the Fermat's theorem - not his last, though :) Then, there's gravity and gravitational lensing and coupling of space time and Einstein's metrics, I'm not one for straight lines, BUT invisible rootkits are as real as gravitons.

    What about LB 2009, any news on un-cancellation :)

    Mrk
     
  13. lewmur

    lewmur Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    332
    Not really.;)
     
  14. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Oops. Srry:)
    LB is a yearly thing. I tried to order it for the SuperBowl only to find out it was cancled. They're trying to start up a regular league with teams.

    Physicist- Kool. <shouts>P-town</shouts>
    Gravity (friction) is just an effect, the result of a substance, much like water or air, just less dense.
    What's going on with Sonoluminescence?

    Insecure.org is like a clearing house, lots of stuff.
     
    Last edited: Mar 20, 2009
  15. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i don't care what anyone thinks about this thread, i'm still using an unsupported distro. i'm thinking about installing something that's supported now. i've got to get my stupid external HDD working so i can backup and reinstall.

    i'll definitely do it tomorrow lol.
     
  16. Arup

    Arup Guest


    Give Ubuntu and PCLOS a spin.
     
  17. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i think i'm going to use arch :D
     
  18. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Hey: that's my mantra: you can borrow it; but I own it. :D
    With your expertise: you'll lurve it. :)
     
  19. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    More pwnage, or if you lost your password.

    http://linuxgazette.net/issue51/tag/2.html
     
Loading...
Thread Status:
Not open for further replies.