Justin Guitar Community

Tools of the Trade => Computer and OS => Topic started by: TB-AV on October 24, 2016, 11:42:41 pm

Title: Linux ROOT Exploit
Post by: TB-AV on October 24, 2016, 11:42:41 pm

Title: Re: Linux ROOT Exploit
Post by: Omar on October 25, 2016, 10:56:27 am
Does this affect websites running in Linux servers instead of windows?
Title: Re: Linux ROOT Exploit
Post by: TB-AV on October 25, 2016, 02:02:26 pm
This is a rare condition vulnerability which is still present on all systems and servers using a Linux kernel, which are still likely to be prone to malicious attacks. It is advised, yet again, to update your PC as soon as the latest security update is made available to you.
Title: Re: Linux ROOT Exploit
Post by: bjsteeves on October 25, 2016, 04:32:27 pm
I believe that you are referring to the "copy-on-write (COW)" bug.

This bug is very hard to take advantage of on any system. However, it is much more vulnerable on VM (virtual machines) running on a server. There already is a patch for this bug. I updated my linux system this morning. My opinion is both Linux and Unix are much more secure than Windows (I have certifications in both). But, as long as you keep updating the latest patches, all these systems will be secure enough for any use.
Title: Re: Linux ROOT Exploit
Post by: Majik on October 25, 2016, 06:37:03 pm
It needs local user access. However, bear in mind that a web server will be running as a local user. If you can inject executable code through the webserver somehow (either via a vulnerability in the webserver application itself, or in the app it's running) then it could be possible to exploit this without having a user account on the system.

As bjsteeves says, keep your systems patched, regardless of OS.

It does emphasise an issue I've highlighted in another thread: "IoT" systems and similar. There's millions of devices out there on the Internet running all sorts of stuff, a lot of it Linux. Regardless of OS, this equipment is as vulnerable to attack as an Internet connected PC or server. If it's not patched, it becomes at risk, in the same way as any desktop PC, laptop, or server does if that hasn't been patched.

The trouble is most of the vendors of these devices do not keep them up to date with security fixes. This means they are at risk of being compromised.

And, they are being compromised: very recently a widespread "cyber terrorism" attack has been taking place which has impacted services across the Internet. It was orchestrated by taking advantage of vulnerabilities in unpatched and poorly secured IP CCTV cameras.

If you have a router, it will be running an OS. If that router hasn't had a security update recently, then the chances are it's vulnerable to hacking.

Personally, I wouldn't touch a mainstream vendor's router with a bargepole these days (or, at least I would put DD-WRT or similar on it, and keep it up to date with security patches). It's like giving hackers a computer on your network they can use to steal your information and to conduct cyber-attacks from.


Title: Re: Linux ROOT Exploit
Post by: bjsteeves on October 26, 2016, 04:04:22 pm
Majik...So true.  As for IoT (Internet of Things) devices, I won't put them on my network. As you stated, they will not get proper updates and already are insecure, so they won't ever be on any network of mine.

Home routers are an item that almost never gets updated. Mine is not very old and there are no updates yet for it, but I also run a firewall on my desktop so I don't expect any issues.