Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-desktop
Navigation:
Lists: gentoo-desktop: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-desktop@g.o
From: Donnie Berkholz <dberkholz@g.o>
Subject: Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.
Date: Wed, 23 Mar 2011 16:56:05 -0500
On 13:46 Wed 23 Mar     , Lindsay Haisley wrote:
> With perhaps a very few exception these exploits are aimed at MS 
> Windows boxes.  Recent Flash vulnerabilities, for instance, are listed 
> as affecting "Adobe Flash Player 10.1.82.76 and earlier versions for 
> Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 
> 10.1.92.10 for Android" but the report goes on to say that "There are 
> reports that this vulnerability is being actively exploited in the 
> wild against Adobe Flash Player on Windows."  No mention of Linux, and 
> I can find no references to a web or email borne exploit found in the 
> wild that actually generates an *infection* on a Linux box.  Consider 
> this a challenge, if you will, since I'd love to be proved wrong on 
> this last point and learn something.

It's called reverse shellcode. One would exploit a vulnerability in your 
web browser, email reader, or integrated apps/libraries (primarily 
Flash, Evince/libpoppler, or Java) that provides the ability to run 
arbitrary code as the local user to get the shellcode onto your system 
and run it. Reverse shellcode then connects from your computer to a 
remote server and provides them with a login shell. At that point, they 
still need to come up with a local root vulnerability or use a keylogger 
till they get you becoming root.

I'm not going to go into any more detail on it, but you can find it if 
you do some searching.

-- 
Thanks,
Donnie

Donnie Berkholz
Desktop project lead
Gentoo Linux
Blog: http://dberkholz.com
Attachment:
pgps39uiqK9rw.pgp (PGP signature)
Replies:
Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.
-- Lindsay Haisley
References:
Vulnerabilities on an RFC-1918 masqueraded Linux box.
-- Lindsay Haisley
Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.
-- Roman Zilka
Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.
-- Lindsay Haisley
Navigation:
Lists: gentoo-desktop: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.
Next by thread:
Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.
Previous by date:
Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.
Next by date:
Re: Vulnerabilities on an RFC-1918 masqueraded Linux box.


Updated Jun 28, 2012

Summary: Archive of the gentoo-desktop mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.