“Running 64-bit Linux? Haven’t updated yet? You’re probably being rooted as I type this. CVE-2010-3081, this week’s second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and ‘Ac1db1tch3z’ (classy) published code to let any local user get a root shell. Ac1db1tch3z’s exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there’s a tool you can run to see if you’ve already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a ‘rebootless’ version of the patch.”Here is some more Tech News from around the web:
- TRENDNET TEW-691GR 450Mbps Wireless N Gigabit Router @ OCHQ
- Intel 25nm flash chips spotted @ SemiAccurate
- 6502 simulator @ Hack a Day
- PS3 Move controller teardown @ MAKE:Blog
- Ex-Mandriva Linux staff fork the distro @ The Inquirer
- An intro to 3D on the Mac, Part II: Animation and Rendering @ Ars Technica
- Dawn of a new Ice Age – Interview with Cryo PC @ Kitguru
- Epson B-510DN Ink Jet Printer Review @ Hardware Secrets
- MSI’s Master Overclocking Arena Grand Final @ The Tech Report
Is someone using a new exploit to root around your x64 Linux OS
A new exploit allowing people to root your 64 bit Linux server is running rampant currently. While not all vendors have released a specific fix there is one that is available that should work for most if not all. There is also a tool available to detect whether you have already been compromised. Slashdot points out that this is very important as a backdoor will remain even after you have patched a compromised system, which you need to repair as well.