Linux Joins Autorun Vulnerability Club

Monday, February 14, 2011 @ 03:02 PM gHale

While Windows is the predominant operating system running throughout organizations across the globe, that doesn’t mean other systems are not vulnerable to attack. Take a look at Linux.

It is possible to perform autorun-style attacks against weakly secured Linux PCs, a security researcher said.

Windows worms including Stuxnet and Conficker were able to spread onto networks after unwitting victims plugged infected USB sticks into PCs. This has happened automatically in cases where autorun was enabled, as it did in default on older versions of Windows until a change pushed by Microsoft last week. With autorun-enabled, executable files run with minimal user interaction.

The idea that autorun could cause a problem is not irrelevant to Linux boxes, said Jon Larimer, of IBM’s X-Force security division. Larimer said it is possible to insert a USB stick with modified code into an Ubuntu PC to get rid of a screensaver without entering a password – and display the user’s desktop.

Larimer’s demo relied on taking advantage of a flaw in GNOME Evince document viewer patched in January and, even so, was kind of “weak” because it was on a machine with in-built exploit mitigation disabled, as Larimer said.

Larimer said at last week’s ShmooCon security conference how you can beat these mitigations – namely ASLR and AppArmor.

The reality is you might be able to do things you aren’t supposed to do on a Linux box by misusing autorun functionality.

Click here for a video clip of Larimer’s presentation.

Leave a Reply

You must be logged in to post a comment.