[Gllug] p2p programs

Russell Howe rhowe at siksai.co.uk
Sun Nov 13 20:47:33 UTC 2005


On Sun, Nov 13, 2005 at 04:26:45PM +0000, Henry Gilbert wrote:
> I just want one horror story
> We all know loads from the Windows OS
> 
> I just want the story of one person that had his system infected
> (Ok we all know there aren't any Linux viruses)
> or was hacked just by visiting casually browsing the net.
> 
> Yes I know if I work at it - I can make my Desktop system easily hackable.
> Although Running X and surfing the net as root - is not one of them.

The reason that Mozilla apps are up to 1.0.7 and not still at 1.0 is
because 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5 and 1.0.6 all had
security vulnerabilities discovered in them, usually exploitable via
visiting a maliciously-coded web page (or receiving a malicious HTML
message in Thunderbird).

Some of the security problems were of the cross-site-scripting type,
where instead of compromising your environment, a website can compromise
the data of another site, but there were arbitrary native code execution
vulnerabilities too.

The Mozilla security pages are woefully lacking in actually documenting
known security problems with Mozilla software:

http://www.mozilla.org/projects/security/known-vulnerabilities.html

Mozilla's sluggishness in updating this page whenever a new release
comes out is really pretty shoddy, I find. I also don't like the fact
that the page is called "known-vulnerabilities" when really it seems
like it should be called "fixed-vulnerabilities" - I can't see anywhere
on that page where all the known-but-not-yet-fixed vulnerabilities are
listed (by not-yet-fixed, I mean not fixed in a release - I guess
everything gets fixed in CVS pretty quickly).

From a cursory glance, it would appear that Firefox v1.0.1, .2, .3 and
.4 are remotely exploitable. They don't detail what was different about
1.0.5 and 1.0.6 (was .6 launched to fix some minor brown paper bag bug
in 1.0.5?), and I find MFSA 2005-58 pretty sneaky, grouping 8
vulnerabilities under a single heading...

It doesn't matter that these cannot be used to gain root if you're
running the application as a local user IMHO.

Once you have your code running as a local user, all you need to do is
exploit a local exploit (which many people disregard as not worth
patching against, it seems), and you've got elevated privileges.

-- 
Russell Howe       | Why be just another cog in the machine,
rhowe at siksai.co.uk | when you can be the spanner in the works?
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug



