Announcement

Collapse
No announcement yet.

Linux Vendors Warn of Flaws

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux Vendors Warn of Flaws

    Security experts are urging users of Linux servers and workstations to take immediate action to patch two flaws found in the kernel.
    The flaws affect all current versions of Linux, and would enable a hacker to take control of a Linux system.

    The two flaws, both related to the kernel's memory management technology, were discovered by a Polish security firm, iSEC Security Research. The leading Linux vendors, Red Hat, SuSE and Debian -- as well as other distributors -- have released fixes concurrent with iSEC's announcement of the flaws.

    Additionally, the vendors released patches for smaller holes, including a flaw affecting the kernel module that supports a video card made by ATI Technologies, and another that affects a USB driver.

    "The memory flaw is the serious one," Mark Cox, Red Hat's security response team leader, told NewsFactor, though he noted the smaller problems were addressed in the same advisory.


  • #2
    "The memory flaw is the serious one,"

    Bullcrap.

    The memory flaws are very minor in the realm of real security problems.

    At the moment, you have to be a kernel wizard and have local access to the box in order to exploit this bug. Since such people are rare, and no simple exploit tools for it have been released yet, it isn't a massive problem yet.

    It is adviseable to patch, but its not time to run around and pronouce the end of the world. (wait for a remote root exploit bug before doing that)
    80% of people think I should be in a Mental Institute

    Comment


    • #3
      interesting.

      Shouldn't this be in alt lifestyles, btw?

      Comment


      • #4
        Theres no security flaws in Linux it's a myth put around by Microsoft.
        Chief Lemon Buyer no more Linux sucks but not as much
        Weather nut and sad git.

        My Weather Page

        Comment


        • #5
          :-P

          Comment


          • #6
            As Rugger put it... "Bullcrap" PIT, I know you're being sarcastic, but look at it this way.....

            Of course there are some security flaws in linux. There are in EVERYTHING. If you want the strictest security, go with OpenBSD. But for what it's worth, linux CAN be a lot more secure than Windows, and by default it is more secure than a default windows. (Hell, anymore you can't even do a fresh install of WinXP with it connected directly to the internet without getting hit by a virus...)

            Leech
            Last edited by leech; 24 February 2004, 19:08.
            Wah! Wah!

            In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship.

            Comment


            • #7
              Has anyone noticed theres more flaws are popping up lately. Possibly becuase Linux getting more popular.
              As linux gets more popular and more widespread damage can be done virus writers will start showing more interest.
              Hell the last virus W32/netsky was spread mainly by people opening attachments. How long have we've been telling them not to do that.
              Chief Lemon Buyer no more Linux sucks but not as much
              Weather nut and sad git.

              My Weather Page

              Comment


              • #8
                Originally posted by leech
                As Rugger put it... "Bullcrap" PIT, I know you're being sarcastic, but look at it this way.....

                Of course there are some security flaws in linux. There are in EVERYTHING. If you want the strictest security, go with OpenBSD. But for what it's worth, linux CAN be a lot more secure than Windows, and by default it is more secure than a default windows. (Hell, anymore you can't even do a fresh install of WinXP with it connected directly to the internet without getting hit by a virus...)

                Leech
                from what I've seen of Windows bugs, if you don't use IE, IIS and correctly set up the build-in firewall, you shouldn't be affected by at least 99% of all known exploits. So you _can_ be very safe in windows too.

                Comment


                • #9
                  And again - the most popular platform gets the most viruses.

                  Modern Mac users think that they are immune to viruses, yet just a few years ago I cleaned 200 DISTINCT viruses off someone's Mac. Yikes!

                  Linux will get its share of hackers, viruses, and flaws. It's just as poorly written as Unix was/is.

                  - Gurm
                  The Internet - where men are men, women are men, and teenage girls are FBI agents!

                  I'm the least you could do
                  If only life were as easy as you
                  I'm the least you could do, oh yeah
                  If only life were as easy as you
                  I would still get screwed

                  Comment


                  • #10
                    99% of viruses could be avoided if people would stop opening attachments.

                    a JOKE? Someone LOVE'S ME? Ohh! I better run this .VBS File!!

                    "I dream of a better world where chickens can cross the road without having their motives questioned."

                    Comment


                    • #11
                      Yes users need to be more careful and should always save and scan the file before opening it. Then you've got problem two and three. Getting users to update the antivirus software and OS.
                      Thens theres problem no.4 the users laptop that they take home let the kids download pron on and other nasties.
                      Chief Lemon Buyer no more Linux sucks but not as much
                      Weather nut and sad git.

                      My Weather Page

                      Comment


                      • #12
                        Originally posted by Gurm

                        Linux will get its share of hackers, viruses, and flaws. It's just as poorly written as Unix was/is.
                        Thank god it's not written as poorly as Windows.
                        Gigabyte P35-DS3L with a Q6600, 2GB Kingston HyperX (after *3* bad pairs of Crucial Ballistix 1066), Galaxy 8800GT 512MB, SB X-Fi, some drives, and a Dell 2005fpw. Running WinXP.

                        Comment


                        • #13
                          Originally posted by Wombat
                          Thank god it's not written as poorly as Windows.
                          Considering the near 700mb - 1 gigs worth off security patches and bug fixes I've downloaded from for Mandrake 9.2 since it first came out it must be. Good job I didn't do a full install.
                          Chief Lemon Buyer no more Linux sucks but not as much
                          Weather nut and sad git.

                          My Weather Page

                          Comment


                          • #14
                            Originally posted by The PIT
                            Considering the near 700mb - 1 gigs worth off security patches and bug fixes I've downloaded from for Mandrake 9.2 since it first came out it must be. Good job I didn't do a full install.
                            You mean to tell me that coders keep finding potential security problems, and fixing them? For shame!
                            I'd much rather have gaping security holes for <A HREF="http://slashdot.org/article.pl?sid=04/02/10/2031219">half a year</A>.

                            MS prefers not to use your bandwidth for security patches. They'd much rather use it up spreading viruses like CodeRed and Nimda and that crap I'm currently getting in my Yahoo account.
                            Gigabyte P35-DS3L with a Q6600, 2GB Kingston HyperX (after *3* bad pairs of Crucial Ballistix 1066), Galaxy 8800GT 512MB, SB X-Fi, some drives, and a Dell 2005fpw. Running WinXP.

                            Comment


                            • #15
                              you were talking about the quality of the code, but now are shifting to the attitude of the programmers?

                              Comment

                              Working...
                              X