Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
Bitácora Central: Tux&Cía.
Bitácora de Información Avanzada: Tux&Cía.-Información
May the source be with you!

Monday, August 22, 2011

Compiz vulnerability

Goatse Security has had a lot of fun pointing out the devastating flaws in Apple’s shit-tastic software, but now it’s time to turn to the beloved mascot of the sweaty man-child open source community: Linux.
Linux weenies will often brag about how insecure Windows is compared to Linux. They’ll also argue that Linux is hard to take down with any sort of exploit. Well, it turns out that’s not quite true. Here’s a simple, step-by-step guide to owning the most popular Linux distribution out there today:
  1. Open a long URL beginning with “apt://” in a browser that handles the apt:// protocol.
  2. Er…
  3. That’s it.
Hope you weren’t doing anything important with that X session.
This bug is delightfully trivial to deploy. Just write a normal HTML page containing an iframe that takes a 10000 character apt:// URL as its source. Trick a Debian dickhead into opening it and the bug will take out Compiz, crashing your X session with a cryptic “Unexpected X error: BadAlloc (insufficient resources for operation) serial 1779 error_code 11 request_code 53 minor_code 0)” error. And at no extra cost, we’re also throwing in GNOME theme rendering breakage, which forces you to logout and log back in to get your buttons back!
The following Linux distributions are affected by this vulnerability:
  • Alinex
  • BLAG Linux and GNU
  • CentOS
  • ClearOS
  • Debian
  • DeMuDi
  • Feather Linux
  • Fedora
  • Foresight Linux
  • gnuLinEx
  • gNewSense
  • Kaella
  • Knoppix
  • Linspire
  • Linux Mint
  • Musix GNU/Linux
  • Parsix
  • Red Hat Enterprise Linux
  • Scientific Linux
  • SUSE Linux Enterprise Desktop
  • Ubuntu
  • Ututo

No comments: