http://www.freerepublic.com/focus/f-news/1055431/posts "Flaws raise red flag on Linux security "
ComputerWorld ^ | JANUARY 09, 2004 | Jaikumar Vijayan
Posted on 01/10/2004 12:20:46 PM PST by Bush2000
"Flaws raise red flag on Linux security
But many users remain confident about the security of the open-source environment"
Story by Jaikumar Vijayan
ARTICLE SNIPPET: "JANUARY 09, 2004 ( COMPUTERWORLD ) - A report earlier this week about a critical flaw in the Linux kernel was the latest in a series of recently discovered security problems with the popular open-source operating system. But many users were unfazed by the report and said Linux remains a solid and secure environment for running enterprise applications.
Poland-based iSec Security Research on Monday said it had found a critical flaw in a function used to manage virtual memory on Linux systems (see story). The flaw affects the 2.2, 2.4 and 2.6 versions of the Linux kernel, according to iSec.
The vulnerability could allow attackers to take administrative control of compromised systems and run attack code of their choice, an iSec advisory stated. ISec claimed that it had developed and successfully tested code that was capable of exploiting the flaw, although it added that actually launching such an attack wouldn't be easy.
The news follows the discovery of a similar flaw in the Linux 2.4 kernel last fall. In November, unknown attackers used that flaw to take down several servers belonging to the Debian Project, which produces a noncommercial Linux distribution. And last month, an attack on the Gentoo Linux Project compromised a server that was being used to download copies of Gentoo's Linux source code by users.
The rise in such incidents can be attributed to Linux's growing popularity, which makes it a more attractive target for malicious attackers, said David Wreski, CEO of Linux security vendor Guardian Digital Inc. in Allendale, N.J."
let's try to steer this thread back to its original "purpose" if we can use that word.
Your post #9043 about the search for this AQ bomb maker is the most important new story to keep an eye on going forward.