Bush2000 wrote:Actually, IE can be made to access a malicious web page if you view a maliciously constructed e-mail message in Outlook Express. That kind of exploit can affect a lot of users and compromise a whole bunch of Windows systems.
the rest depend upon an improbable chain of events, such as (a) browsing to a malicious webpage in IE or (b) running a malicious piece of software.
Also, many versions of Outlook Express were configured by default to open certain types of attachments automatically, and an email sent to a user who hasn't secured that "feature" can run a malicious piece of software. Again, this type of exploit will result in a whole bunch of compromised Windows systems.
Bush2000 wrote:The exploit referred to in this article requires access to a local account on the target machine. It almost requires shell access to the target machine, though it might be possible, if you are very, very good and/or very, very lucky, to exploit this vulnerablility with a web hosting account or similar non-shell access account on a particularly poorly secured server.
You don't need an account. A kernel buffer overflow can be hijacked to create an account with elevated privilege.
The vulnerability addressed in this article doesn't allow an unauthenticated remote system to create an account on the target machine. This is true for most Linux Kernel vulnerabilities that have been discovered recently.
BTW, this is the opposite of the MS-Blaster exploit and several other recent exploits to MS Windows. Many of the Windows exploits that have been discovered recently allow unauthenticated remote connections to compromise the target Windows system.