Linux security holes
undefined ::
For all the laymen who think Linux is invulnerable, so that you don't live in the dark...
Remote and local vulnerabilities in XFree86 font libraries
Details:
I have identified several bugs in the font libraries of the current version (4.3.0) of the XFree86 font libraries. These bugs could potentially lead to the execution of arbitrary code by a remote user in any process which calls the functions in question. The functions are related to the transfer and enumeration of fonts from font servers to clients, limiting the range of the exposure caused by these bugs.
Specifically, several variables passed from a font server to a client are not adequately checked, allowing integer overflows to cause erroneous sizes of buffers to be calculated. These erroneous calculations can lead to buffers on the heap and stack overflowing, potentially leading to arbitrary code execution. As stated before, the risk is limited by the fact that only clients can be affected remotely by these bugs, but in some (non default) configurations, both xfs and XServer can act as clients to remote font servers. In these configurations, both xfs and XServer could be potentially compromised remotely. Also, it is possible for a local unprivileged user to alter the configuration of Xserver in such a manner as to force it to load a font from an arbitrary font server. Since Xserver is setuid root by default, a local user may potentially gain root privileges.
LINUX SECURITY ANNOUNCEMENT
---------------------------------------------------------------------------
DESCRIPTION
Sendmail is a widely used Mail Transfer Agent (MTA).
Sendmail versions 8.12.8 and before have a remote vulnerability related to DNS maps. If such maps are being used, invalid DNS responses will make sendmail attempt to free incorrect memory areas, usually resulting in a crash. It has not been determined whether this vulnerability can be used to execute remote commands or not.
The packages supplied via this update contain a patch to fix this vulnerability.
Debian Security Advisory DSA 274-1 security debian org
http://www.debian.org/security/ Martin Schulze
August 29th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : node
Vulnerability : buffer overflow, format string
Problem-Type : remote
Debian-specific: no
Morgan alias SM6TKY discovered and fixed several security related problems in LinuxNode, an Amateur Packet Radio Node program. The buffer overflow he discovered can be used to gain unauthorised root access and can be remotely triggered.
Linux Security Update Advisory
________________________________________________________________________
Package name: gkrellm
Advisory ID: MDKSA-2003:087
Date: August 28th, 2003
Affected versions: 9.1
________________________________________________________________________
Problem Description:
A buffer overflow was discovered in gkrellmd, the server component of the gkrellm monitor package, in versions of gkrellm 2.1.x prior to 2.1.14. This buffer overflow occurs while reading data from connected gkrellm clients and can lead to possible arbitrary code execution as the user running the gkrellmd server.
Turbolinux Security Announcement 27/Aug/2003
============================================================
The following page contains the security information of Turbolinux Inc.
- Turbolinux Security Center
http://www.turbolinux.com/security/
(1) gdm -> Multiple vulnerabilities in gdm
(2) perl -> Cross-site scripting vulnerability
===========================================================
* gdm -> Multiple vulnerabilities in gdm
===========================================================
More information :
Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. GDM contains a bug where GDM will run as root when examining the ~/.xsession-errors file when using the "examine session errors" feature, allowing local users the ability to read any text file on the system by creating a symlink. The vulnerability in the XDMCP ( X Display Manager Control Protocol) support for GDM allows attackers to cause a denial of service.
Impact :
These vulnerabilities may allow local users to read arbitrary files on the system by creating a symlink and allow an attacker to create a DoS condition on the GDM.
Red Hat Security Advisory
Problem description:
The pam_smb module is a pluggable authentication module (PAM) used to authenticate users using an external Server Message Block (SMB) server.
A buffer overflow vulnerability has been found that affects unpatched versions of pam_smb up to and including 1.1.6.
On systems that use pam_smb and are configured to authenticate a remotely accessible service, an attacker can exploit this bug and remotely execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0686 to this issue.
Red Hat Linux versions 7.2, 7.3, 8.0, and 9 ship with versions of pam_smb that are vulnerable to this issue, however pam_smb is not enabled by default.
Users of pam_smb are advised to upgrade to these erratum packages, which contain a patch to version 1.1.6 to correct this issue.
Red Hat would like to thank Dave Airlie of the Samba team for notifying us of this issue.
Debian Security Advisory DSA 344-2 security debian org
http://www.debian.org/security/ Matt Zimmerman
August 26th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
A directory traversal vulnerability in UnZip 5.50 allows attackers to bypass a check for relative pathnames ("../") by placing certain invalid characters between the two "." characters. The fix which was implemented in DSA-344-1 may not have protected against all methods of exploiting this vulnerability.
Linux Security Update Advisory
________________________________________________________________________
Package name: perl-CGI
Advisory ID: MDKSA-2003:084
Date: August 20th, 2003
Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1,
Multi Network Firewall 8.2
________________________________________________________________________
Problem Description:
Eye on Security found a cross-site scripting vulnerability in the start_form() function in CGI.pm. This vulnerability allows a remote attacker to place a web script in a URL which feeds into a form's action parameter and allows execution by the browser as if it was coming from the site.
Linux Security Update Advisory
________________________________________________________________________
Package name: eroaster
Advisory ID: MDKSA-2003:083
Date: August 19th, 2003
Affected versions: 9.0, 9.1, Corporate Server 2.1
________________________________________________________________________
Problem Description:
A vulnerability was discovered in eroaster where it does not take any security precautions when creating a temporary file for the lockfile. This vulnerability could be exploited to overwrite arbitrary files with the privileges of the user running eroaster.
Debian Security Advisory DSA 373-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
August 16th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Christian Jaeger discovered a buffer overflow in autorespond, an email autoresponder used with qmail. This vulnerability could potentially be exploited by a remote attacker to gain the privileges of a user who has configured qmail to forward messages to autorespond. This vulnerability is currently not believed to be exploitable due to incidental limits on the length of the problematic input, but there may be situations in which these limits do not apply.
For the stable distribution (woody) this problem has been fixed in version 2.0.2-2woody1.
For the unstable distribution (sid) this problem will be fixed soon.
Debian Security Advisory DSA 372-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
August 16th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Shaun Colley discovered a buffer overflow vulnerability in netris, a network version of a popular puzzle game. A netris client connecting to an untrusted netris server could be sent an unusually long data packet, which would be copied into a fixed-length buffer without bounds checking. This vulnerability could be exploited to gain the privileges of the user running netris in client mode, if they connect to a hostile netris server.
For the current stable distribution (woody) this problem has been fixed in version 0.5-4woody1.
Red Hat Security Advisory
Problem description:
The unzip utility is used for manipulating archives, which are multiple files stored inside of a single file.
A vulnerability in unzip version 5.50 and earlier allows attackers to overwrite arbitrary files during archive extraction by placing invalid (non-printable) characters between two "." characters. These non-printable characters are filtered, resulting in a ".." sequence. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0282 to this issue.
This erratum includes a patch ensuring that non-printable characters do not make it possible for a malicious .zip file to write to parent directories unless the "-:" command line parameter is specified.
SuSE Security Announcement
The list of the vulnerabilities is as follows:
- fix for a possible denial of service attack (DoS) in the routing code
- fix for a possible attack of an unprivileged user via ioport
- fix for a re-binding problem of UDP port 2049 (NFS) sockets
- fix for a kernel panic with pptpd when mss > mtu
- fix for console redirect bug
- fix for the execve() file read race vulnerability
- fix for several race conditions in procfs
- fix for possible DoS in netfilter code
- fix for possible DoS in NFSv3 code
Red Hat Security Advisory
Problem description:
KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment.
George Staikos reported that Konqueror may inadvertently send authentication credentials to websites other than the intended website in clear text via the HTTP-referer header. This can occur when authentication credentials are passed as part of a URL in the form http://user:password@host/
Red Hat Security Advisory
Problem description:
Daredevil SKK is a simple Kana to Kanji conversion program, an input method of Japanese for Emacs and XEmacs.
ddskk does not take appropriate security precautions when creating temporary files. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running Emacs and skk. The Common Vulnerabilities and Exposures project (cve.mitre.org) has allocated the name CAN-2003-0539 to this issue.
Debian Security Advisory DSA 370-1 security debian org
http://www.debian.org/security/ Matt Zimmerman
August 8th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Florian Zumbiehl reported a vulnerability in pam-pgsql whereby the username to be used for authentication is used as a format string when writing a log message. This vulnerability may allow an attacker to execute arbitrary code with the privileges of the program requesting PAM authentication.
Debian Security Advisory DSA 369-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
August 8th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Steve Kemp discovered a buffer overflow in zblast-svgalib, when saving the high score file. This vulnerability could be exploited by a local user to gain gid 'games', if they can achieve a high score.
Red Hat Security Advisory
Problem description:
The Red Hat Update Agent, up2date, automatically queries the Red Hat Network servers and determines which packages need to be updated on your machine.
up2date versions 3.0.7 and 3.1.23 incorrectly check RPM GPG signatures. These are the versions found in Red Hat Linux 8.0 and 9.
This bug allows packages which have no GPG signature to be installed by up2date if they are provided by the Red Hat Network servers. The intended behaviour is that only packages signed with the Red Hat package signing key will be installed.
For an attacker to make use of this flaw, they would have to make unsigned packages appear on the Red Hat Network. Connections to the Red Hat Network servers are authenticated and verified by the use of SSL, so it is not possible to intercept the connection to Red Hat Network servers and give unsigned packages. To make use of this flaw, an attacker would have to compromise the Red Hat Network servers at Red Hat.
Debian Security Advisory DSA 368-1 security debian org
http://www.debian.org/security/ Matt Zimmerman
August 8th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Steve Kemp discovered a buffer overflow in xpcd-svga which can be triggered by a long HOME environment variable. This vulnerability could be exploited by a local attacker to gain root privileges.
Debian Security Advisory DSA 367-1 security debian org
http://www.debian.org/security/ Matt Zimmerman
August 8th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Another buffer overflow was discovered in xtokkaetama, involving the "-nickname" command line option. This vulnerability could be exploited by a local attacker to gain gid 'games'.
Trustix Secure Linux Security Advisory #2003-0030
Package name: stunnel
Summary: Denial of service
Date: 2003-08-07
Affected versions: TSL 1.2, 1.5
- --------------------------------------------------------------------------
Problem description:
Stunnel prior to 3.25 and 4.04 has an error in the SIGCHILD handling code which could lead to a denial of service attack if the child processes were terminated too fast.
Debian Security Advisory DSA 365-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
August 5th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Several vulnerabilities have been discovered in phpgroupware:
- - CAN-2003-0504: Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.
- - CAN-2003-0599: Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.
- - CAN-2003-0657: Multiple SQL injection vulnerabilities in the infolog module of phpgroupware could allow remote attackers to execute arbitrary SQL statements.
For the stable distribution (woody), these problems have been fixed in version 0.9.14-0.RC3.2.woody2.
For the unstable distribution (sid), these problems will be fixed soon. Refer to Debian bug #201980.
Debian Security Advisory DSA 366-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
August 5th, 2003 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : eroaster
Vulnerability : insecure temporary file
Problem-Type : local
Debian-specific: no
CVE Id : CAN-2003-0656
eroaster, a frontend for burning CD-R media using cdrecord, does not take appropriate security precautions when creating a temporary file for use as a lockfile. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running eroaster.
Mandrake Linux Security Update Advisory
________________________________________________________________________
Problem Description:
Two vulnerabilities were discovered in the postfix MTA by Michal Zalewski. Versions prior to 1.1.12 would allow an attacker to bounce-scan private networks or use the daemon as a DDoS (Distributed Denial of Service) tool by forcing the daemon to connect to an arbitrary service at an arbitrary IP address and receiving either a bounce message or by timing. As well, versions prior to 1.1.12 have a bug where a malformed envelope address can cause the queue manager to lock up until an entry is removed from the queue and also lock up the SMTP listener leading to a DoS.
There are more of them too, I just couldn't be bothered to paste any more. The ones listed are only the newest from the last few weeks. ;)
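The UnZip issue quoted in the post above (DSA 344-2 and the Red Hat erratum, CAN-2003-0282) is an ordering bug: the ".." check sees the raw entry name, and the non-printable bytes are filtered only afterwards. The sketch below is an added example, not code from UnZip or from any of the advisories; the function names, buffer sizes and sample entry names are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Copy `in` to `out` without non-printable bytes (the filtering step the
 * advisory describes). Returns 0 on success, -1 if the result does not fit. */
static int strip_nonprintable(const char *in, char *out, size_t outsz)
{
    size_t j = 0;

    if (outsz == 0)
        return -1;
    for (size_t i = 0; in[i] != '\0'; i++) {
        if (!isprint((unsigned char)in[i]))
            continue;
        if (j + 1 >= outsz)
            return -1;          /* refuse to truncate: a cut name is a different name */
        out[j++] = in[i];
    }
    out[j] = '\0';
    return 0;
}

/* Return 1 if any '/'-separated component of `name` is exactly "..". */
static int has_dotdot_component(const char *name)
{
    const char *p = name;

    while (*p != '\0') {
        const char *end = strchr(p, '/');
        size_t len = end ? (size_t)(end - p) : strlen(p);

        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 1;
        if (end == NULL)
            break;
        p = end + 1;
    }
    return 0;
}

/* Order described in the advisory: validate the raw name, then filter it.
 * Returns 1 if the name is accepted; `out` holds the name that would be used. */
int accept_check_then_filter(const char *raw, char *out, size_t outsz)
{
    if (has_dotdot_component(raw))
        return 0;
    return strip_nonprintable(raw, out, outsz) == 0;
}

/* Corrected order: filter first, then validate the exact string that will
 * be used as the output path. */
int accept_filter_then_check(const char *raw, char *out, size_t outsz)
{
    if (strip_nonprintable(raw, out, outsz) != 0)
        return 0;
    if (has_dotdot_component(out)) {
        out[0] = '\0';
        return 0;
    }
    return 1;
}

int main(void)
{
    /* Constructed entry names; \x01 stands for the non-printable byte. */
    const char *samples[] = {
        "docs/readme.txt",
        "../outside.txt",
        ".\x01./outside.txt",
        "a..b/file",
    };
    char buf[256];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int old_ok = accept_check_then_filter(samples[i], buf, sizeof buf);
        printf("sample %zu  check-then-filter: %-9s", i, old_ok ? "accepted" : "rejected");
        if (old_ok)
            printf(" as \"%s\"", buf);
        int new_ok = accept_filter_then_check(samples[i], buf, sizeof buf);
        printf("  |  filter-then-check: %s\n", new_ok ? "accepted" : "rejected");
    }
    return 0;
}
```

The third sample passes the first routine and comes out as `../outside.txt`, while the second routine rejects it because it validates the filtered name.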
MUC ::
http://www.securityfocus.com/bid
When you read there, it will seem to you that Linux has few holes. Most of the holes listed above are already old; for example, sendmail 8.12.9 has been out for about half a year already, and they have only now discovered the hole in sendmail 8.12.8 .. the vast majority no longer use that sendmail.
The same goes for several other things.
undefined ::
The hole that enabled the MSBlast worm was also already at least 2 months old or even more, and the security fix had been available on the WindowsUpdate site for just as long. Yet the worm only broke out this month, and it was likewise only written about at this time. So saying that some hole is "old" is more or less irrelevant, because 90% of users don't even know about it until something hits them, nor are they interested in assorted security patches. The fact is, though, that these holes were announced this month as well, just like the RPC hole.
The point here is refuting the supposed fact that holes exist only in Windows, which many a Linux freak on this forum has already claimed.
Phoebus ::
Of course, but here at least security is really being worked on. A bug gets discovered and posted to the mailing lists and the web, and things get sorted out and fixed *very* quickly.
Rumko ::
We don't think it's invulnerable; it's mostly just that script kiddies can't do anything (the vermin can't bother you any more, and then you can laugh in these rats' faces), and you shut out plenty of the others too.
And anyway everyone knows that the real hackers can break into any computer, regardless of protection (well OK, if the computer isn't connected to any network then the hackers can't either).
undefined ::
Phoebus, on windowsupdate the patch is available a whole month before the hole itself is announced on the wider web. What's your point?
undefined ::
> We don't think it's invulnerable; it's mostly just that script kiddies can't do anything (the vermin can't bother you any more, and then you can laugh in these rats' faces), and you shut out plenty of the others too.
We Windows users know that too, to exactly the same extent.
> And anyway everyone knows that the real hackers can break into any computer, regardless of protection
Oh yeah? Explain to me how, if you're not running any server. That I'd really like to know.
kopernik ::
It's also important that you got Linux for free, while you have to pay for Windows.
Windows users have problems with assorted viruses and worms all the time. Linux users don't.
So?
BigWhale ::
IceMan, if you followed BugTraq, say, more attentively, you would see that bugs found in open source projects mostly get fixed considerably faster than happens with closed source programs. It has already happened that someone published a flaw in Win and said that he had sent an email to Microsoft three months earlier, and nobody even replied to him. And the patch for Win came out some two months later still.
Nobody claims that Linux is perfect and nobody is forcing you to use it. But please don't talk nonsense.
:)
Rumko ::
> > And anyway everyone knows that the real hackers can break into any computer, regardless of protection
> Oh yeah? Explain to me how, if you're not running any server. That I'd really like to know.
http://www.slo-tech.com/ostalo/pravila/...
better luck next time
undefined ::
> It's also important that you got Linux for free, while you have to pay for Windows.
I don't have to.
> Windows users have problems with assorted viruses and worms all the time. Linux users don't.
Newer cars also have more problems with electronics than older ones.
With OSes, though, the fact is that nobody is going to go and write a worm or virus for a system that only a small handful of people use. Fairly logical. A Linux worm wouldn't even have anywhere to spread; it would take over all those 1000 machines in a few hours.
> So?
So?
kopernik ::
So I stated a fact, and you are looking for excuses. I don't care why or under what conditions. All that matters to me is the danger that threatens my system if it has Windows or Linux on it. Simple as that
undefined ::
BigWhale, read carefully what is written above, and then write a reply. The title line is not enough.
> http://www.slo-tech.com/ostalo/pravila/...
> better luck next time
The point is that you can't say, because there is no way. A computer is broken into through a port that a server application uses on the machine; if that application isn't there, there's no port either, and no remote vulnerability either.
undefined ::
> All that matters to me is the danger that threatens my system if it has Windows or Linux on it. Simple as that
That is exactly the purpose of the holes posted above. The holes for Windows are already covered by the general news on slo-tech.
kopernik ::
Iceman... I don't intend to argue about pointless things. If Windows suits you, use it.
Do you perhaps feel threatened? If the answer is YES, then install Linux... if the answer is NO, then you don't need to worry about security holes in Linux, since you won't have any problems with them. The rest of us will manage somehow.
kopernik ::
> The point is that you can't say, because there is no way. A computer is broken into through a port that a server application uses on the machine; if that application isn't there, there's no port either, and no remote vulnerability either.
Oh yeah? And how does communication take place while you are surfing the internet?
undefined ::
> if the answer is NO, then you don't need to worry about security holes in Linux, since you won't have any problems with them.
This is purely about raising awareness among users who are fairly new to Linux and don't know that it too has flaws and holes. That is stated right in the first line of this thread.
> The rest of us will manage somehow.
Heh, then why are you replying to this thread at all? Do you perhaps feel threatened?
undefined ::
> Oh yeah? And how does communication take place while you are surfing the internet?
Um, through the client's 65536 random local ports? What you would do with that, even if you hit one, I don't know. You certainly won't be hacking into the machine.
undefined ::
>> For all the laymen who think Linux is invulnerable
>> This is purely about raising awareness among users who are fairly new to Linux and don't know that it too has flaws and holes. That is stated right in the first line of this thread.
> You opened the thread, not me. So the insecurity must be coming from your side.
Read once more exactly why, maybe it will become clear to you. Then tell me why you feel threatened. ;)
kopernik ::
1. I only wanted to stress that communication always goes over ports
2. what is hacking to you? control over a remote machine? crashing a remote machine? sniffing data that flows between two machines?
undefined ::
> what is hacking to you? control over a remote machine? crashing a remote machine? sniffing data that flows between two machines?
You can't do any of the above without an open remote port, which requires a server application, be it a trojan server, a web server, or just plain netbios or RPC.
kopernik ::
> Read once more exactly why, maybe it will become clear to you. Then tell me why you feel threatened. ;)
I don't intend to argue about nonsense. Nor do I want to steer the thread somewhere it doesn't need to go. Take care.
undefined ::
> I don't intend to argue about nonsense. Nor do I want to steer the thread somewhere it doesn't need to go. Take care.
Well, nice that you gave up in time. ;)
Brane2 ::
Iceman:
What you have shown has been known for a long time. Everyone already knows that X is not safe to just have on a server. And yet this "vulnerability" they described is fairly harmless and doesn't let people just crash your machine. It only concerns the case where you are doing remote desktop with X and the server has hostile intentions toward the client.
Various reports list things like this too. All the bugs simply have to be caught, and people have to be informed about them. It's similar with sendmail. The condition for screwing it up is that it talks to a hostile DNS server. And even then you can only crash sendmail, not, say, take control of the system.
As for the severity of bugs, it varies. Certain things are more serious, but they hardly exceed the severity of bugs in, say, Internet Explorer (arbitrary code execution by visiting a page etc), bugs in Outlook etc, which are usually patched very late...
dr.J ::
The more widespread Linux becomes, the more vulnerable it becomes. I myself check daily whether any update is available for the distribution I use.
Security begins in users' heads, and it doesn't matter whether it's Windows or Linux.
BigWhale ::
> Security begins in users' heads, and it doesn't matter whether it's Windows or Linux.
Ahem, security begins in the creators' heads... :)
dr.J ::
> Ahem, security begins in the creators' heads... :)
True. But practice shows that you can't always rely on that.
BigWhale ::
If the creator screws up already in the foundation, then the user doesn't have much to work with either. He can help himself, but that is more like patching things up.