vnunet.com— According to an advisory from security firm Secunia, a flaw has been found in Linux kernel version 2.6.x that could allow malicious local users to cause a denial of service attack
Apr 8, 2006View in Crawl 4
local user dos attacks aren't uncommon, not sure why this is front page news. here's one.cat /dev/urandom > bigfileon systems without enforced quotas, all disk space on the partition will be consumed in a matter of minutes, meaning other users on the system will be unable to create new files.. even worse if you're able to get the file on the root partition somehow.
last i checked netcraft showed apache on 60% of websites alone, even a conservative guess of 80% of them running linux would be a staggering amount of systems.
LOL. If it does work... And you are in X. Just kill X by doing ctrl-alt-backspace then type issue 'killall bash' a few times and you are good to go. :P Same goes for Perl or C... killall perl a few times and you are good to go. If you do it in C then just killall whatever you named the binary.If you do it in tty... Just killall bash a few times... :) That is... If it even works.Here's a Windows 'DOS'. OMG SOMEBODY ISSUE A PATCH!!!!11uno:somefile.bat:--------------------:astart %0goto a--------------------Then doubleclick on the bat. Rename it to Internet Explorer and change the icon for extra fun. Or even add it to your registry or startup folder if you are feeling really dumb. You'll have to reboot eventually. There's really not an easy way to kill it in windows. You risk borking your box since Windows doesn't like being hard-reset. So don't say I didn't warn ya. :)
That was the reason for me to report this story as Inaccurate. The VNU article refers to a patch for a development kernel, even though the Secunia alert refers the correct patch...
chaosmachineApr 9, 2006
local user dos attacks aren't uncommon, not sure why this is front page news. here's one.cat /dev/urandom > bigfileon systems without enforced quotas, all disk space on the partition will be consumed in a matter of minutes, meaning other users on the system will be unable to create new files.. even worse if you're able to get the file on the root partition somehow.
Closed AccountApr 9, 2006
last i checked netcraft showed apache on 60% of websites alone, even a conservative guess of 80% of them running linux would be a staggering amount of systems.
chaosmachineApr 9, 2006
or admins could just subscribe to the appropriate mailing list.. i could see a remote root exploit making front the page, but a local user dos?
corptApr 9, 2006
Well, it is part of the Web 2.0 revolution. Makes sense that it would become Slashdot 2.0
linuxinitApr 10, 2006
LOL. If it does work... And you are in X. Just kill X by doing ctrl-alt-backspace then type issue 'killall bash' a few times and you are good to go. :P Same goes for Perl or C... killall perl a few times and you are good to go. If you do it in C then just killall whatever you named the binary.If you do it in tty... Just killall bash a few times... :) That is... If it even works.Here's a Windows 'DOS'. OMG SOMEBODY ISSUE A PATCH!!!!11uno:somefile.bat:--------------------:astart %0goto a--------------------Then doubleclick on the bat. Rename it to Internet Explorer and change the icon for extra fun. Or even add it to your registry or startup folder if you are feeling really dumb. You'll have to reboot eventually. There's really not an easy way to kill it in windows. You risk borking your box since Windows doesn't like being hard-reset. So don't say I didn't warn ya. :)
ronaldbApr 10, 2006
That was the reason for me to report this story as Inaccurate. The VNU article refers to a patch for a development kernel, even though the Secunia alert refers the correct patch...