Re: [ossig] Johor State Goverment Site defaced

[Imran William Smith <iwsmith@xxxxxxxx>]

There's an important distinction between locally exploitable flaws
and remotely exploitable flaws.  I believe the two kernel flaws were
only locally exploitable (i.e. only somebody who is logged in already
can exploit the flaw).  It's a shame that most simplistic IT reporting
doesn't understand or explain the difference.

Imran

Nan Phin wrote:
> Linux Attacks On the Rise, Says Report - But It's Not As Simple As That
> (February 23, 2004) - A pair of security flaws reported in some Linux
> kernels, coming at the same time as a UK study that found Linux to be the
> most hacked server operating system in government, is helping to focus
> renewed attention on the whole issue of Linux security. The Linux
> community has been quick to respond that the UK study seems to be flawed
> in its methodology.
> http://www.linuxworld.com/story/43760.htm
> 
> 
> 


---------------------------------------------------------
To unsubscribe: send mail to ossig-request@mncc.com.my
with "unsubscribe ossig" in the body of the message