On Tuesday 03 October 2006 14:12, SHELLCODE Security Research wrote:
> Hello,
> The present document aims to demonstrate a design weakness found in the
> handling of simply
> linked lists used to register binary formats handled by
> Linux kernel, and affects all the kernel families
> (2.0/2.2/2.4/2.6), allowing the insertion of infection modules in
> kernel space that can be used by malicious users to create infection
> tools, for example rootkits.
Yay, you've been Slashdotted!
Question: Why did you personally submit this to Slashdot when it is absolutely
clear that the observation is akin to figuring out a process can call fork()
and exec() and become "/bin/rm" with an argv of "/bin/rm", "-rf", and "*"?
Is this what you call good marketing?
> POC, details and proposed solution at:
> English version: http://www.shellcode.com.ar/docz/binfmt-en.pdf
> Spanish version: http://www.shellcode.com.ar/docz/binfmt-es.pdf
>
Thanks,
Chase
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
