No subject


Tue Oct 3 10:26:04 MST 2006


Weakness In Linux Kernel's Binary
Format<http://it.slashdot.org/it/06/10/03/2122220.shtml>
*Posted by kdawson <http://technologyfront.com/> on Tuesday October 03,
@06:50PM*
*from the get-right-on-this dept.*
  [image: Security] <http://slashdot.org/search.pl?tid=172>
 Goodfellas <goodfellas at shellcode.com.ar> writes, *"This document aims to
demonstrate a design weakness found in the handling of simply linked lists
used to register binary formats handled by the Linux kernel. It affects all
the kernel families (2.0/2.2/2.4/2.6), allowing the insertion of infection
modules in kernel space that can be used by malicious users to create
infection tools, for example rootkits. Proof of concept, details, and
proposed solution (in PDF form):
English<http://www.shellcode.com.ar/docz/binfmt-en.pdf>,
Spanish <http://www.shellcode.com.ar/docz/binfmt-es.pdf>.*


Has anyone seen or heard of this?  I was not able to get the report and
might not understand it anyway.  It might be totally bogus.  NTL, I was
surprised it had not been mentioned here.  BTW, the English link was to
http://www.shellcode.com.ar/docz/binfmt-en.pdf in case it is not active
here.  I was guessing the site may have been overwhelmed preventing me from
getting it, but I am curious about it.

-- 
Be who you are and say what you feel, because those who mind don't matter
and those who matter don't mind.  - Dr. Seuss

------=_Part_125_21620545.1160006634083
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline



More information about the PLUG-discuss mailing list