On Thu, 11 Nov 2010 20:40:24 +0100 bendeguz <[email protected]> wrote:
> Hi all! > > Do I have to worry about the mentioned security bug > in glibc? I'm using version 2.11.1. > > http://seclists.org/fulldisclosure/2010/Oct/257 says: > "Please note, this is a low impact vulnerability that is only of interest to > security professionals and system administrators. End users do not need > to be concerned." > As I understand it, to exploit the vulnerability someone needs to have physical access to the machine (it can't be exploited over the net? Is that right?). If they have access to the machine they could get root access by booting a live cd. It's not something I'm losing sleep over. No doubt it will be fixed in the next version of glibc. Andy -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
