I have to keep an eye on the IT security news. You know, “security is a process not product”. Just recently, Linux kernel vulnerability CVE-2009-1337 caught my attention. This even has l33t in its name The more interesting part is, of course, not the CVE number but the attack vector used in [...]
Popularity: 72% [?]
Two strings walk into a bar. The first says, “Hello, I’d like a ciderO’y?kI’U`,E’*@???’?? ?!>A~Xx?(y’n?.” The second says, “Please excuse my friend, he’s not null-terminated.”
—
If you are running Linux kernel newer than 2.6.17 but older than 2.6.24.2 or 2.6.23.16 then any local user can easily become root or at least crash your system.
There are [...]
Popularity: 15% [?]
Feed