[plug] Is Red hat truly flawed?

Scott, Simon Simon.Scott at SEALCORP.com.au
Tue May 2 13:10:01 WST 2000


I severely doubt it

Most, if not all, distributions simply compile and package up the source as
it stands from kernel.org....

The article did not mention, but did he need console access to achieve this?
Most Linux boxes can be 'hacked' from the console, by simply forcing a
ctrl-alt-del shutdown and then passing 'single' to the kernel from the lilo
prompt.

So he got the password file... and???? any site that maintains normal
password checking (running your own password files thru crack might be a
good idea) means that brute force dictionary attacks are rendered virtually
useless... and if you use shadow passwords, he would probably have to hack
root ops to grab the shadow password file.....

So to achieve this remotely, and without obtaining root privs he must have
found some way to have the passwd file mailed/ftped/whatever to him... if he
can achieve this, the guy is a schmuck for not publishing details so the
kernel hackers can jump on it...

My first reaction would probably be to check this guy's connections to
Microsoft's FUD department :)

 "With all the security bugs in JavaScript and all the pages that use
  it, a lot of sites are best viewed with telnet www.something.com 80"
                                                       -- Darren Embry
> ------------------------------------------------------
>  Simon Scott
>  DBA
>  Sealcorp Holdings Limited
>  Perth, WA
>  e-mail:  simon.scott at sealcorp.com.au
>  phone:  08 9265 5648
> ------------------------------------------------------
> 
> 


> -----Original Message-----
> From: Bret Busby [mailto:bret at clearsol.iinet.net.au]
> Sent: Tuesday, 2 May 2000 12:23
> To: plug
> Subject: [plug] Is Red hat truly flawed?
> 
> 
> 
> I have just found the following news item, at
> http://www.australianit.com.au/common/storyPage/0,3811,633573%255E442,00.html
> 
> Does anyone know whether this is genuine, or, just a hoax?
> 
> I understood that a single version of each release of the Linux kernel,
> existed, and that it had to be approved by Linus Torvalds, before it
> could be officially released. Am I wrong in my understanding?
> 
> -- 
> 
> Bret Busby
> 
> ......................................
> 
> 
>            Warnings over Red Hat 'flaw'
>                DOMINIQUE JACKSON
> 
> 
>            AN Australian Internet consultant says he has found serious
>            flaws in Red Hat Linux, just days after reports of another
>            security hole were released.
> 
>            Sydney-based Adam Todd said a major security breach in
>            the Red Hat kernel allowed a hacker to bypass the login
>            process, bypass passwords, and copy the original password
>            file.
> 
>            "This allows me to gain the highest level of user privileges
>            within the kernel itself," he said.
> 
>            But Mr Todd said the flaw was beyond the normal hacker.
> 
>            He said it was probably created by someone who had
>            worked with Red Hat.
> 
>            "Whoever started it knew exactly what was needed," he
>            said.
> 
>            Mr Todd challenged members of the "Link" mailing list to
>            put their Red Hat servers up for hacking, and has
>            succeeded in hacking nine of 17 systems owned by
>            government agencies, ISPs, businesses and individuals.
> 
>            He said that when he had broken through all the servers,
>            an email would be sent to their owners telling them that
>            their systems had been violated. A message also would be
>            sent to the Link list and the AusISP list with details of the
>            servers hacked and the security flaw.
> 
>            Mr Todd said he hoped to finish the task in the next
>            fortnight.
> 
>            He said he first found the flaw in 1997 when a server running
>            Red Hat in the data centre hosted by his company AH Net
>            was hacked. He said that Red Hat ignored his warning.
> 
>            Mr Todd said when security issues resurfaced on the Link
>            mailing list, he issued the challenge.
> 
>            Red Hat technical alliance director Robert Hart responded,
>            asking for proof.
> 
>            He wrote that Red Hat used the standard Linux kernel,
>            which meant the security hole should appear in other
>            distributions of Linux.
> 
>            Mr Todd, a Slackware Linux user, responded that there was
>            no definition of a standard Linux kernel and that he had
>            not seen the problem occur on other versions of Linux.
> 
>            Grant Bayley, organiser of hackers group 2600 Australia, has
>            also called for proof.
> 
>            "I don't think such a bug exists, because with Linux in
>            particular, there's enough eyes looking at the software to
>            notice it," he said.
> 
>            "I'm sceptical because no information is being released
>            about it."
> 
>            Red Hat Asia-Pacific director of professional services Miles
>            Gillham said that if the hole was genuine, the company
>            would issue a patch or update on its website within 24
>            hours.
> 
>            Last week, Internet Security Systems's X-Force team found a
>            backdoor in Red Hat Linux.
> 
>                             sunsite.anu.edu.au/link
> .....................................
> 


