Re: Recent Linux vulnerabilities

From: Michael Richardson (mcr@sandelman.ottawa.on.ca)
Date: Wed Jan 19 2005 - 19:44:32 EST


-----BEGIN PGP SIGNED MESSAGE-----

First, many of those reports are 2.6 specific.
Many deployed systems are running 2.4, which does not have anywhere near
as many issues.

Second, "local exploits" mean you need to get a local user.
If you assume that, then you can assume a lot of other things too.

I wish that the site would actually link to the CVE report.

- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr/ www.xelerance.com/training/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQe7+74qHRg3pndX9AQFAiwQA4P0TRCIV4z0/C90h9Zs5DXBvd0Z+P2LH
r3A9XAjTUDahaEnIFMsM6IuYc1LjtbOR5bdzBQPBq7Gk8PhUixy5r8uHqRVL5Frd
QJMmF3ZLXUkBbYzNTSauSUZJXD9QWnuIdmO/EUlBQynrBWAwzPDyBoH6oz4y8kD7
mdq55Zpzky0=
=Nbix
-----END PGP SIGNATURE-----



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:14 EDT