On Jun 29, 2017 3:52 PM, "stan" <stanl-fedorauser@xxxxxxxxxxx> wrote:
WikiLeaks released a document about an attack against CentOS / RHEL.
https://wikileaks.org/vault7/#OutlawCountry
Here's the text, there are some docs there also.
<snip>
My first take is that this doesn't represent a very serious threat. Do
you disagree?
> Prerequisites(S//NF)
> The target must be running a compatible 64-bit version of CentOS/RHEL 6.x (kernel version 2.6.32).
This doesn't even work on Fedora.
Fedora kernels move too fast for them to keep up with binaries; they would have to use the source and rebuild it akmod style on every kernel upgrade. They aren't doing this; they want to keep their stuff secret.
It could, however, have been ported to RHEL7 (and not leaked).
> (S//NF) The Operator must have shell access to the target.
So you have to already have a vulnerability or have a server administrator in the CIA's pocket. This is just a rootkit they use once they already have the keys to the kingdom.