[Beowulf] Heads up - Stack-Clash local root vulnerability

Peter St. John peter.st.john at gmail.com
Wed Jun 21 09:34:34 PDT 2017


Sorry yeah I just read it and yeah that looks like a real pain. Glad I'm
not an admin :-)
Peter

On Wed, Jun 21, 2017 at 12:09 PM, Kilian Cavalotti <
kilian.cavalotti.work at gmail.com> wrote:

> On Wed, Jun 21, 2017 at 8:59 AM, Peter St. John <peter.st.john at gmail.com>
> wrote:
> > I'd check to see that the vector of attack is something that pertains to
> my
> > system, before worrying to much about the vulnerability. Maybe the
> vector is
> > the Preview Pane in Outlook, right?
>
> I'm afraid the vector of attack is, given enough skills, any user
> account running any binary on any Linux, *BSD or Solaris machine.
>
> And when exploits are released, which Qualys said they will do, all
> hell will break loose, because the "skills" part will go away...
>
> Cheers,
> --
> Kilian
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20170621/b678d2da/attachment.html>


More information about the Beowulf mailing list