Madshrimps Forum Madness

Madshrimps Forum Madness (https://www.madshrimps.be/vbulletin/)
-   WebNews (https://www.madshrimps.be/vbulletin/f22/)
-   -   Huge Hole in Open Source Software Found, Leaves Millions Vulnerable (https://www.madshrimps.be/vbulletin/f22/huge-hole-open-source-software-found-leaves-millions-vulnerable-44266/)

jmke 23rd May 2008 22:39
Huge Hole in Open Source Software Found, Leaves Millions Vulnerable
 
For all the criticism of Microsoft and its security flaws, the software giant has made an impressive turnaround. While Vista has been derided for a variety of reasons, most would agree that it’s much more secure than Windows XP. Recently, a hacker conference showed just how vulnerable systems running Mac OS X are, due to their slow rate of patches. The Mac machine was hijacked within 10 minutes, while the Linux and Windows boxes survived the day.

Now an even worse security flaw has been found in some of the basic code used by a wide variety of Linux security programs. The error originated back in May 2006 when workers on the open-source security project committed a grave and unrealized error.

http://www.dailytech.com/Huge+Hole+i...ticle11869.htm

jmke 23rd May 2008 22:40
Quote:
Be careful. This whole article implies that the problem is more widespread than it really is.

Only distributions (like Ubuntu) that use the Debian repositories were affected. NONE of the commercial vendors and most of the other major distributions (RPM-based, source-based, etc.) are completely unaffected. This also only affects keys generated on Debian derivatives.

Further, Ubuntu is distributing with the updated OpenSSH packages a key blacklist and vulnerability assessment utility. Users who have bad keys are being notified at the time of update that their keys may be compromised.

Please don't imply any differently. The situation is under control.
...


All times are GMT +1. The time now is 19:06.

Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO