Re: Clamav

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 17 April 2010 08:41, jdow <jdow@xxxxxxxxxxxxx> wrote:
> From: "Patrick O'Callaghan" <pocallaghan@xxxxxxxxx>
> Sent: Friday, 2010/April/16 22:49

>> Which of the vulnerabilities discussed on the kernel list is
>> communicable via an email message in such a way as to compromise the
>> security of the target system without manual intervention on the part of
>> its user? Please be specific.
>
> Here is a non-LKML reference with a full explanation of the problem:
> Some background:
> http://blog.ksplice.com/2010/03/null-pointers-part-i/
> How to exploit it:
> http://blog.ksplice.com/2010/04/exploiting-kernel-null-dereferences/
>
> The exploit can be delivered through email and introduced into the
> machine via targeted social engineering. If you can be tricked into
> allowing it to run, you're toast. ANY means of getting into the
> machine and having code execute is sufficient to allow the exploit
> to run within the kernel at kernel privilege.

Read the page more carefully. Particularly the comments.

-------------
Nelson Elhage says:
April 13, 2010 at 12:35 pm
....
After all the NULL pointer vulnerabilities last year, every major
distro has now turned mmap_min_addr on by default. So if you need to
run old DOS programs in Wine you can still change it, but it should be
much harder to exploit these things by default.
....
-------------

-------------
Nelson Elhage says:
April 14, 2010 at 9:54 am

Tomoe: I believe that, on recent kernels, SELinux blocks mmap’ing the
zero page separately from the mmap_min_addr mechanism. You should be
able to disable this protection for the purposes of experimentation by
running

setsebool -P mmap_low_allowed 1

as root.
-------------

--
Sam
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux