zero day vulnerability

Discussion in 'Computers, Hardware, and Operating Systems' started by KD8JFO, Jul 20, 2010.

Thread Status:
Not open for further replies.
ad: L-HROutlet
ad: l-rl
ad: FBNews-1
ad: L-MFJ
ad: Subscribe
ad: OK1UUad-1
ad: Left-3
ad: Left-2
  1. KD8JFO

    KD8JFO Ham Member QRZ Page

  2. EI8DRB

    EI8DRB Ham Member QRZ Page

    Because of the 0day or because XP is no longer supported?
     
  3. KD8JFO

    KD8JFO Ham Member QRZ Page


    BOTH.! :eek::eek:
     
  4. N0SYA

    N0SYA Ham Member QRZ Page

    i have always expected the malware that drops the entire innerweb in one fell swoop would be coded for linux, the kernel specifically, as linux based routers and webservers power the internets
     
  5. VA3CSS

    VA3CSS Ham Member QRZ Page

    You know, if you read the entire article, you realize that an XP user with SP3 installed is not vulnerable to this exploit.

    In other words, if you kept your Windows up to date, you'd have no problem.

    And now back to the regularly scheduled Microsoft bashing.
     
  6. N0NB

    N0NB Subscriber QRZ Page

    Please explain how such would/could be accomplished with the variance of kernel versions and builds by various distributions and administrators across the entirety of the Internet. Feel free to use as many sourced facts and paragraphs as needed. Direct links to source files in the kernel git tree showing specific and common vulnerabilities across kernel versions will be most educational.
     
  7. N0SYA

    N0SYA Ham Member QRZ Page

    right

    i feel that with the source being open and all and the preponderance of linux kernels running most servers and routers of any repute that someday when some nation wants to start cyberwar they will unleash a kernel killing bot on the world and the innerweb will be shut off

    take that!
     
  8. EI8DRB

    EI8DRB Ham Member QRZ Page

    ^
    However, just because you say it, doesn't make it possible. There is no one kernel, and as such, no one exploit which will have the effect you describe. On top of that, the real world is generally separated from the kernel by layers of abstraction, the purposes of which are to avoid the very situation you describe.

    Openness of source doesn't make any difference to vulnerability. Vulnerabilities are generally discovered by 'fuzzing'. This, in effect means throwing random data at a buffer and waiting for a crash. This crash can often be escalated to a buffer-overflow which can often be escalated to a code execution. This can happen on any system that accepts data from the outside world, open, closed or any other way.
     
  9. N0SYA

    N0SYA Ham Member QRZ Page

    "This can happen on any system that accepts data from the outside world, open, closed or any other way."

    exactly my point but with the linux kernel being right out in the open codewise and so prevalent on the innerweb as far as routing goes, i think it is a pretty good target for a really bad thing




    just a feeling i have, no need for you to have a stroke
     
  10. KB9XN

    KB9XN Ham Member QRZ Page

    What kind of sites do you visit that you have to worry about malware, virus and other bad stuff.

    Stay away from the Warez sites and the Porno sites and you wont be having any problems.
    kb nine xn
     
Thread Status:
Not open for further replies.

Share This Page