Madmanmcp 0 Posted September 9, 2004 Share Posted September 9, 2004 h_tp://www.eweek.com/article2/0,1759,1644282,00.asp "Linux users are at risk from serious security vulnerabilities in components used to view graphics and handle archives, according to researchers. The security holes, found in the imlib graphics library and the LHA archive tool, can be exploited via a specially crafted bitmap image or an LHarc-format archive to take over a Linux system. " Quote Link to post Share on other sites
Deverill 0 Posted September 10, 2004 Share Posted September 10, 2004 It just goes to show that any system can have holes. But, "The bug was first identified late last month" "The GNOME graphical user interface project this week released a patch for imlib, a basic library used in many image-viewing applications." and "The first could take effect if a user were tricked into extracting or testing a specially crafted archive. The second can only be exploited if a user were tricked into passing a specially crafted command line to the lha command. In the third, an attacker could create a directory with special characters in its name, which could lead to the execution of malicious commands." I remember having folks using the Vax Cluster at the college where I worked try the new Logo compiler... it had turtle graphics and all! Of course, Logo was an acceptable shortcut for "Logoff" and that's just what it did. It's good for everyone to know that if you do something stupid then bad things will happen and that no system is perfect. It's pretty cool that Open Source stuff seems to have a quicker repair time than MS's proprietary secret-squirrel stuff does. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.