[Tfug] Re: Linux bug discovered

Tom Rini trini at kernel.crashing.org
Tue Jun 15 11:45:05 MST 2004


On Tue, Jun 15, 2004 at 09:43:41AM -0700, Michael Stenner wrote:
> On Tue, Jun 15, 2004 at 09:28:34AM -0700, Tom Rini wrote:
> > On Tue, Jun 15, 2004 at 09:14:09AM -0700, Angus Scott-Fleming wrote:
> > 
> > > Unconfirmed ... but the M$ folks will have a field day with this one if it's 
> > > true and exploited ... Text from the LinuxReview.org article says:
> > 
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0554
> 
> Just to be clear about the significance of this, it's a LOCAL DOS.
> Sure.  That's not good, but it's really only a couple steps worse than
> 
>   perl -e "@a = (); while (1) {push(@a, 0)}"

Only if you can easily reset your system.  (and I must admit I haven't
tried it on a box with a watchdog, which may or may not catch this
livelock).

And it'd be rather trivial to plug the necessary bits into any number of
"run some arbitrary code on the system" exploits.

IMHO, there are two categories of local DoS's
- Ones you can easily hook into an "execute random bits" remote exploit
  and crash a box
- Ones you need a session on the system to do anything with (e.g.
  information leak which if you troll long enough might give up a
  password).

-- 
Tom Rini
http://gate.crashing.org/~trini/

