[Tfug] Re: Linux bug discovered
Michael Stenner
mstenner at ece.arizona.edu
Tue Jun 15 09:43:41 MST 2004
On Tue, Jun 15, 2004 at 09:28:34AM -0700, Tom Rini wrote:
> On Tue, Jun 15, 2004 at 09:14:09AM -0700, Angus Scott-Fleming wrote:
>
> > Unconfirmed ... but the M$ folks will have a field day with this one if it's
> > true and exploited ... Text from the LinuxReview.org article says:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0554
Just to be clear about the significance of this, it's a LOCAL DOS.
Sure. That's not good, but it's really only a couple steps worse than
perl -e "@a = (); while (1) {push(a, 0)}"
It's not exploitable by remote users, it doesn't corrupt or infest the
filesystem, it doesn't spread on its own, it doesn't allow privilege
escalation, etc.
-Michael
--
Michael D. Stenner mstenner at ece.arizona.edu
ECE Department, the University of Arizona 520-626-1619
1230 E. Speedway Blvd., Tucson, AZ 85721-0104 ECE 524G
More information about the tfug
mailing list