Linux Zero Day in Play

Wednesday, May 18, 2011 @ 11:05 AM gHale

Linux is not a huge player in the manufacturing automation sector, but it still has some users. Along those lines, greyhat hackers from Goatse Security published the details of a denial of service (DoS) vulnerability affecting Linux distributions.

You can exploit the flaw by tricking users into opening an overly-long, specially-crafted apt:// URL in a browser that supports the protocol.

“This bug is delightfully trivial to deploy. Just write a normal HTML page containing an iframe that takes a 10000 character apt:// URL as its source,” the hackers write.

Because the Advanced Packaging Tool (APT) is a common Linux software manager application, a large number of distributions can feel the affect.

These includes the popular Debian, Ubuntu, Fedora, Red Hat Enterprise Linux and SUSE Linux Enterprise Desktop, but also Alinex, BLAG Linux and GNU, CentOS, ClearOS, DeMuDi, Feather Linux, Foresight Linux, gnuLinEx. gNewSense, Kaella, Knoppix, Linspire, Linux Mint, Musix, GNU/Linux, Parsix, Scientific Linux and Ututo.

Successful exploitation of the vulnerability crashes the X session with an “Unexpected X error: BadAlloc (insufficient resources for operation) serial 1779 error_code 11 request_code 53 minor_code 0)” error.

In addition to this denial of service vulnerability the Goatse Security greyhats also released an exploit for a theme rendering bug in GNOME which makes buttons disappear and leaves users with relogin as the only option.

Goatse Security i\as the group whose members exploited a vulnerability on AT&T’s website in June 2010 to harvest a list of email addresses belonging to iPad 3G owners.

The hacking group previously disclosed serious zero-day vulnerabilities in Apple’s Safari and Mozilla Firefox browsers which later suffered exploitation.

Leave a Reply

You must be logged in to post a comment.