Re: Clamav

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2010-04-17 at 00:41 -0700, jdow wrote:
> > Which of the vulnerabilities discussed on the kernel list is
> > communicable via an email message in such a way as to compromise the
> > security of the target system without manual intervention on the
> part of
> > its user? Please be specific.
> 
> Here is a non-LKML reference with a full explanation of the problem:
> Some background:
> http://blog.ksplice.com/2010/03/null-pointers-part-i/
> How to exploit it:
> http://blog.ksplice.com/2010/04/exploiting-kernel-null-dereferences/
> 
> The exploit can be delivered through email and introduced into the
> machine via targeted social engineering. If you can be tricked into
> allowing it to run, you're toast. ANY means of getting into the
> machine and having code execute is sufficient to allow the exploit
> to run within the kernel at kernel privilege.

Did I say that Linux had no vulnerabilities? No. Did I say it could
never be crashed or taken over from a console session? No. I asked for
an example of a security bug exploitable via email with no manual
intervention (other than downloading the mail of course). You produce a
kernel bug which before it was fixed would have required the user to
manually run a downloaded program. (Note by the way that if the user
fetched the exploit via a web page or ftp session, i.e. via a slightly
different social engineering vector, ClamAV would not have intervened.)

In other words, you don't have an answer to the question I actually
asked, so you produce an answer to a different question which no-one
asked and is outside the scope of the OP's initial query. 

Discussions of Linux security are useful and IMHO well within the scope
of this mailing list, but they aren't the subject of this thread. Feel
free to start a different thread if you wish.

poc

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux