On Sat, Jul 18, 2009 at 9:33 PM, jan gestre <[email protected]> wrote:
> "A new flaw in the latest release of the Linux > kernel<http://threatpost.com/blogs/researcher-uses-new-linux-kernel-flaw-bypass-selinux-other-protections> > gives > attackers the ability to exploit NULL pointer dereferences and bypass the > protections of SELinux, AppArmor and the Linux Security Module. Brad > Spengler discovered the vulnerability and found a reliable way to exploit > it, giving him complete control of the remote machine. This is somewhat > similar to the magic that Mark Dowd performed last year to exploit Adobe > Flash <http://tech.slashdot.org/article.pl?sid=08/04/18/0436232&tid=952>. > Threatpost.com reports: 'The vulnerability is in the 2.6.30 release of the > Linux kernel, and in a message to the Daily Dave mailing list Spengler said > that he was able to exploit the flaw, which at first glance seemed > unexploitable. He said that he was able to defeat the protection against > exploiting NULL pointer dereferences on systems running SELinux and those > running typical Linux implementations.'" > Slashdot --> > http://it.slashdot.org/story/09/07/18/0136224/New-Linux-Kernel-Flaw-Allows-Null-Pointer-Exploits?from=rss > > -- > http://jangestre.blogpsot.com > Btw, nice site you have > > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph >
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
