Jump to content

Oh No, another Linux vulnerability (funny)


skp51443

Recommended Posts

I couldn't resist this one, sure hope you aren't running Red Star Linux as it has some issues. :-)

http://www.theregister.co.uk/2015/01/11/surprise_norks_linux_disto_has_security_vulns/

SURPRISE: Norks Linux disto has security vulns ---- (Nork = North Korean in British slang)
Red Star turns into death star

Well, that didn't take long: mere days after North Korea's Red Star OS leaked to the west in the form of an ISO, security researchers have started exposing its vulnerabilities.

According to this post at Seclists, the udev rules in version 3.0 of the US and the rc.sysint script in version 2.0 are both world-writable. Both of these have root privilege.

Because of the slack file permission management in Red Star 3.0, the device manager for HP 1000-series LaserJet printers, /etc/udev/rules.d/85-hplj10xx.rules, can be modified to include RUN+= arguments. These commands will run on on the udev daemon as root. There's a demonstration at github.


Maybe Sony can get their revenge before a patch comes out? (Too soon?)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.
RVers Online University

campgroundviews.com

Our program provides accurate individual wheel weights for your RV, toad, and tow vehicle, and will help you trim the pounds if you need to.

Dish For My RV.

RV Cable Grip

RV Cable Grip

All the water you need...No matter where you go

Country Thunder Iowa

Nomad Internet

Rv Share

RV Air.

Find out more or sign up for Escapees RV'ers Bootcamp.

Advertise your product or service here.

The Rvers- Now Streaming

RVTravel.com Logo



×
×
  • Create New...