3 new Linux Vulnerabilities

CammanCamman NEW! England Icrontian
edited February 2004 in Science & Tech
Thought you Linux guys might wanna know this:

Three vulnerablities, two which affect Linux kernel memory management, a third affect a module to support ATi Rage cards, were discovered that could allow a hacker to gain control of a Linux workstation or server.
The newly found flaws underscore the fact that vulnerabilities still exist in the core software that makes up Linux, according to Symantec's Huger.

Moreover, the discovery of serious flaws in the kernel the past three consecutive months raises questions about the "many eyes" theory, which maintains that open-source software can be audited for security holes easily and is therefore more secure. In reality, the majority of developers don't like to review old code, Huger said.

Source: <a href="http://news.com.com/2100-1002_3-5162055.html?tag=nefd_top">cnet news.com</a>

Comments

  • a2jfreaka2jfreak Houston, TX Member
    edited February 2004
    Yep, Linux does indeed have flaws.
    The main gripe (that I see and hear) from reasonable Linux supporters/advocates is the speed at which patches are released for known expoits by Microsoft. Microsoft doesn't seem to keep pace with Linux when it comes to releasing patches that fix vulnerabilities. Not that Microsoft always is slow and not that Linux is always fast, but normally Linux patches are released more quickly and you always don't have to worry about a new EULA being applied to that patch.
  • CammanCamman NEW! England Icrontian
    edited February 2004
    okay, well I wasn't trying to start a Linux vs. Windows security debate thread, this was more to inform those running Linux that there are some new security vulnerabilities out there, perhaps I should change the title.
  • KwitkoKwitko Sheriff of Banning (Retired) By the thing near the stuff Icrontian
    edited February 2004
    Thread title changed to avoid holy war.
  • a2jfreaka2jfreak Houston, TX Member
    edited February 2004
    I wasn't attempting to start a debate. Just trying to clear up what I saw as a misperception (or over-generalization) of Linux supporters.
  • a2jfreaka2jfreak Houston, TX Member
    edited February 2004
    Saw this on /.

    fredrikr writes <i>"UK-based security firm mi2g has analyzed 17,074 successful digital attacks against servers and networks. The results are a bit surprising. The BSD OSes (including FreeBSD and Mac OS X) proved to be the systems least likely to be successfully cracked, while Linux servers were the most vulnerable. Linux machines suffered 13,654 successful attacks, or 80 percent of the survey total. Windows based servers enjoyed a sharp decline in successful breaches, with only 2,005 attacks."</i>
Sign In or Register to comment.