Dan Rosenberg has issued another Linux Kernel Exploit with PoC described in LWN [URL] I have tested that this exploit is not working on -Current (custom kernel, 2.6.36.1), which is good sign that Slackware is already immune of those problems.
View 12 RepliesI was just wondering wether a directory (I know thats just a special file) could be a security problem, as they have execute permissions? Could an exploit be attached to a directory. Has this ever happened?
View 1 Replies View RelatedI've got a user getting heavily spammed but other users on the same domain are fine, it all started last night here's some info...
-rwsr-xr-x 1 root root 700492 Jun 8 18:18 exploit
I've got loads of these in 'top'
5975 dovecot 15 0 3712 1712 1432 S 0.0 0.2 0:00.00 imap-login
and these in ps dovecot
dovecot 5250 5533 0 13:05 ? 00:00:00 pop3-login
root 5533 1 0 11:21 ? 00:00:00 /usr/sbin/dovecot
root 5534 5533 0 11:21 ? 00:00:00 dovecot-auth
dovecot 5663 5533 0 12:15 ? 00:00:00 pop3-login
ps exim i've got
Code:
mail 19725 32303 0 15:03 ? 00:00:00 /usr/sbin/exim -bd -q15m -oP /var/run/exim.pid
mail 19732 19725 0 15:03 ? 00:00:00 [exim] <defunct>
mail 20142 19725 0 15:03 ? 00:00:00 [exim] <defunct>
[code]....
I am a student taking part in a comptition. We have a set of questions to complete within today. Can anyone please help me out with it. I have a custom written "echo" program in C, running on port number "1220" which echoes back the first 16 characters of whatever is given as the first command line argument. But somehow, my brother had got unauthorized remote root access. The program is given below. How did he do it? Please give the exploit code and explain how it works.
#include
#include
void echo(char* input) {
[code]....
I installed a fresh copy of Slackware 13.1 (stable) on one of my media servers and I am experiencing something strange.... When I power up the machine, I see the kernel booting, no errors, until it gets to the point where it says:
And then randomly freeze there.... Well the machine is not totally frozen because the cursor still blinks. But it will never continue... Like I said, this happens on a random basis... After a reset, it might go through or simply stall at the same spot.
I remember after installing Slack 13.1, I rebooted the machine but forgot to remove the DVD from the player, so the install routine started up, and froze at the same point when it was loading the kernel for the setup programs...
My mobo is a MSI k9N platinum.
I never had this problem before.... (well I never used 13.1 before). Since I got this machine, I used slack 12.2 and slack 13-current with success.
This problem makes the machine extremely unreliable because I intent to use it as a backup and media server, so chances I will WOL the machine and use it remotely... if that happens.
I have one machine where I have several versions installed on different partitions. The base partition (/dev/hda1) is Slack 12.1. On a spare partition (/dev/hdc4) I had installed Slackware64-current. Last week I slackpkg upgraded and installed the 2.6.32.2 kernel, and now that partition will not boot. I know that with the new kernels the hd* designation has been removed, and have already redone that fstab (accessing it from a different boot) to reflect the sd*. Here is the slack64 section of my lilo.conf:
Code:
# Linux bootable partition config begins
image = /other/spare4/boot/vmlinuz
[code]....
I've been looking awhile now, but no patch for this is yet to be found. Does anyone have more info, or better, a fix? Last version from GNU's ftp server is also vuln as of this writing.
View 3 Replies View RelatedA researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google's Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises.
View 2 Replies View RelatedExim user can get owned by a remote exploit [URL].. I was running Exim 4.63 5.el5_5.1 on CentOS 5.5 x86_64 and my Exim user got owned by that exploit.
Now I ran yum update and exim updated to 4.63 5.el5_5.2 I cannot find anywhere if this updated fixes the exploit.
it's possible to compile the 2.6.37 kernel patched with the autogroup patch on a Slackware 13.1 system running 2.6.33.4-smp with 2.6.33.4 headers? I just compiled and installed the 2.6.37-autogroup kernel from AUR on my ARCH setup and I like it especially when using firefox with lots of tabs open and other background apps also running. I did notice a speed and smothness difference in my ARCH testing setup with this kernel patch and I can get same results in 13.1??
View 1 Replies View RelatedI'm trying to bring my Slackware system back to life as my XP HDD is dying... I've got everything working except for my audio. I got a new motherboard (ASRock P43DE3) and it has a VIA VT1708S as the onboard audio. Is there any way I can get this working without rebuilding the kernel?
View 5 Replies View RelatedI've scanned my computer (I'm using Ubuntu 8.04 Hardy Heron) and ClamAV has issued it has found a virus called Exploit.PDF-9669. What seems strange to me is that such a warning always happens (or, at least, in the most cases) in the same folder tree "sys" and ClamAV issues the very same virus/malware warning (Exploit.PDF-9669).
An example:
sys/devices/virtual/vtconsole/vtcon0/uevent: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/address: Exploit.PDF-9669 FOUND
sys/devices/virtual/net/ppp0/broadcast: Exploit.PDF-9669 FOUND
sys/devices/LNXSYSTM:00/device:00/uevent: Exploit.PDF-9669 FOUND
My ClamAV version is 0.94.2/10275/Fri Jan 8 22:06:46 2010. It has been not updated since I installed Hardy in my computer last year. Is my computer in danger?
I read this morning that MicroSoft and Adobe Flash released a huge security update to counter the threat of malicious apps taking over systems. Included in the fix was Excel spreadsheets. Apparently a hacker could send a spreadsheet that if opened could remotely take over your machine. I opened my update manager and there was a sizable Open Office and Java update.
Question: Are Linux/Ubuntu machines susceptible to the security flaws?
Question: Since Adobe Flash is considered proprietary and not updated through the Ubuntu update manager, do I have to manually update that package?
CentOS using yum to update Exim. Exim is configured to not allow remote connections using the local_interfaces config option.My old version was 4.63-5.el5_5.2 and after using:
yum update exim
I updated my kernel in slackware current but can't install lilo, when i was with my old kernel it gave an error about not finding the sda drives (they were named hda before the upgrade).I booted into the slackware 13.0 dvd and modified fstab and lilo.conf replacing hda with sda but lilo still gives an error of not finding sda drives.How can i install lilo so i can boot into my sistem??
View 14 Replies View RelatedI'm currently trying to install unRaid on Slackware following this tutorial :[URL].. I'm new to Linux and after many hours, i finally managed to build the new kernel for unRAID (2.6.32.9). But audio on HDMI port doesn't work I tried alsaconf without success. HDMI sound works when i boot into the old kernel.
My codecs are :
Code:
root@unraid:~# cat /proc/asound/Intel/code* | grep Codec
Codec: Realtek ALC888
Codec: Intel G45 DEVIBX
Code:
lspci -v:
[Code]...
Fresh and Full install: Slackware 13.37 64-bit x86_64. What is the correct procedure to switch from huge kernel to 2.6.38.4 kernel?
View 6 Replies View RelatedI would like to recompile my kernel to add few modules to it but I would like to keep my current configuration so as not to have troubles with missing drivers for my hardware and stuff.
How do I do that?
I am trying to setup Slacware 13.1 x86_64 to a encrypted partition. I used the README_CRYPT.TXT howto : [URL] At the step when I create an initrd.gz I get this error: Quote: ERROR: No /lib/modules/2.6.33.4-smp kernel modules tree found for kernel "2.6.33.4-smp"
I tried to look into the directory and there was only modules under 2.6.44.3. So I tried to change the command into: Quote: mkinitrd -c -k 2.6.33.4 -m ext3 -f ext3 -r cryptroot -C /dev/sda2
This command was successful, but I don't know if this is alright. I made the changes in lilo.conf, add initrd = initrd.gz. This is all on unencrypted /boot partition. The boot=/dev/sda1 I also set for the unencrypted boot partition. When I boot the system I get a kernel panic:
[Code]....
Is there some way to add a kernel to an iso?
Or update the one on the iso?
I am trying to install Slackware(x32) 13.1.
EDIT: forgot to mention, I'm on windows 7. no access to linux outside of a vm.
I've just upgraded my slackware 13.1 box to the latest stable kernel. Really impressed by the improvement on boot time and graphic card driver for my old Intel chipset. So I intend to use this newly built kernel to another computer of mine, which is running slackware 13.1 too. I want to keep this computer as clean as possible by installing no build tools, experimenting stuff, etc..., just binary packages for a neat, minimal box. So I'm thinking of copy the new kernel files (System.map, vmlinuz, config) to /boot as directed here in the slackbook.
But as I also notice that there are new files installed under /lib/modules/linux-2.6.35.7 (the new kernel), I'm afraid that I'm missing some other files of the kernel installed somewhere in the system. So are these files all the components of the new kernel, or do I need to look at some other places to grab the whole cake?
I installed Slackware 13.37 today, fresh install. I added the generic 2.6.37.6 kernel to lilo, rebooted, and ran with it. I transferred some stuff to my hard drive and installed a few things, reboot again and now I can't boot up with my kernel of choice (but I can with the huge kernel). It stops during the boot process and says
Code:
[1.785238] No filesystem could mount root, tried: romfs
[1.785342] Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(8,1)
[1.785417] Pid: 1, comm: swapper Not tainted 2.6.37.6 #2
After that is a line that says Call Trace and several lines after that with stuff that makes no sense to me and that I don't feel like typing out, but will if it is relevant.
Just a quick question: can I safely install the 2.6.38.4 kernel in /testing and not screw up any other part of my Slackware64 13.37 installation? Should I install the kernel headers or leave the default ones since that's what glibc was compiled against? Obviously I'd need to update lilo.conf as well as run lilo itself.The reason I ask is because I'm having suspend/resume problems on my laptop (worked fine with 13.1) and I wanted to see if a kernel driver was the issue.
View 1 Replies View RelatedDell optiplex 740 running slackware64-13.0 2.6.34 #1 SMP Mon May 17 13:50:21 EDT 2010 x86_64 AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ AuthenticAMD GNU/Linux downloaded install DVD using Eric's mirror script burnt two dvds
I get the screen asking if I need to enter anything press enter the dots run across the bottom of the screen then jump to the top and machine dies after line "Booting kernel" even the 'elephants can't get it to move' power off is only option other dvd's are bootable including ones burnt on this machine after the 13.1 dvd
running current on a Lenovo S10
the b43 driver craps out every few minutes.
so i decided to try the sta driver.
i downloaded the slackbuild but it crashes with the following see attached
Does slackware 13 have any dependencies on a modular kernel? I am going to make the kernel without modules and wanted to know if this will not work or if it will be painful and still work.
View 8 Replies View RelatedI'm tryin to run this script to make me a aufs/squashfs/lzma patched kernel and I keep getting this
Code:
root@slackware:/usr/src# ./build.kernel
* Unpacking archives
aufs
lzma457
squashfs3.4
[Code]...
People, there is a tutorial to upgrade the kernel 2.6.38.3(compiling tutorial included =D) to Slackware 13.1??And, this upgrade generate a better performance on system??
View 14 Replies View RelatedI'm trying to install Slackware 64 on a raid 0 fakeraid, I found out that I need kernel support for that. Dm raid. What I did was, I made a virtual machine with no raid compiled the kernel and created a new iso file wich included in the /kernels folder my own kernel too. I burned the image but on boot I got the "image checksum error..." I got confused by all the stuff I've read about linux booting.I need a simple guide how to make a custom made Slackware iso to boot. How do I generate new checksums, how should I write the iso file to make it work?
View 4 Replies View RelatedOne thing I always do is switch to the vmlinuz-generic(-smp) kernel in /etc/lilo.conf and build an initrd (see /boot/README.initrd for details). The "huge" kernel used by default is only meant for installing and not recommended for everyday use. It has a lot of drivers you don't need built-in and uses more RAM than the "generic" kernels.
still trying to find my feet and get to know Slackware. In one of my previous threads, 'things to do after installing' i was told the above message. When i installed, it used the huge kernel, but i'm unsure if that was the one that got installed. when i start slackware up, above the login screen it say, �wecome to Linux 2.6.37.6-smp (tty1)� I was wondering how to swich to the generic smp kernel, do I just change the vmlinuz to the desired, in lilo?