On 13:46 Wed 23 Mar, Lindsay Haisley wrote:
> With perhaps a very few exceptions these exploits are aimed at MS
> Windows boxes. Recent Flash vulnerabilities, for instance, are listed
> as affecting "Adobe Flash Player 10.1.82.76 and earlier versions for
> Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player
> 10.1.92.10 for Android" but the report goes on to say that "There are
> reports that this vulnerability is being actively exploited in the
> wild against Adobe Flash Player on Windows." No mention of Linux, and
> I can find no references to a web or email borne exploit found in the
> wild that actually generates an *infection* on a Linux box. Consider
> this a challenge, if you will, since I'd love to be proved wrong on
> this last point and learn something.

It's called reverse shellcode. One would exploit a vulnerability in your
web browser, email reader, or integrated apps/libraries (primarily
Flash, Evince/libpoppler, or Java) that provides the ability to run
arbitrary code as the local user to get the shellcode onto your system
and run it. Reverse shellcode then connects from your computer to a
remote server and provides them with a login shell. At that point, they
still need to come up with a local root vulnerability or use a keylogger
till they get you becoming root.
I'm not going to go into any more detail on it, but you can find it if
you do some searching.
--
Thanks,
Donnie
Donnie Berkholz
Desktop project lead
Gentoo Linux
Blog: http://dberkholz.com
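
A detection-side illustration of the reverse shell described in the message above, added here and not part of the original post: on Linux, a shell handed to a remote party typically has stdin, stdout and stderr all attached to one network socket, which is visible under `/proc/<pid>/fd`. The shell-name list and the function names are assumptions made for this example.

```python
import os

# Assumed list of shell names to check; adjust for the shells installed locally.
SHELLS = {"sh", "bash", "dash", "zsh", "ksh"}

def stdio_targets(proc_root, pid):
    """Return the link targets of fds 0, 1 and 2 for pid, or None if unreadable."""
    targets = []
    for fd in ("0", "1", "2"):
        try:
            targets.append(os.readlink(os.path.join(proc_root, pid, "fd", fd)))
        except OSError:  # process exited, or we lack permission to look
            return None
    return targets

def read_comm(proc_root, pid):
    """Return the process name from /proc/<pid>/comm, or None if unreadable."""
    try:
        with open(os.path.join(proc_root, pid, "comm")) as f:
            return f.read().strip()
    except OSError:
        return None

def find_socket_shells(proc_root="/proc"):
    """List (pid, comm, socket) for shells whose stdio is one and the same socket."""
    hits = []
    pids = sorted((p for p in os.listdir(proc_root) if p.isdigit()), key=int)
    for pid in pids:
        comm = read_comm(proc_root, pid)
        if comm not in SHELLS:
            continue
        targets = stdio_targets(proc_root, pid)
        # An interactive shell normally shows /dev/pts/N or /dev/ttyN here.
        if targets and targets[0].startswith("socket:[") and len(set(targets)) == 1:
            hits.append((int(pid), comm, targets[0]))
    return hits

if __name__ == "__main__":
    for pid, comm, sock in find_socket_shells():
        print(f"pid={pid} comm={comm} stdio={sock}")
```

Run as root to see every user's processes. inetd-style services also receive a socket as stdio, so treat a hit as a lead to investigate rather than proof of compromise.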