[BlueOnyx:01097] Re: udev security vulnerability: RHSA-2009:0427-01 / CVE-2009-1185
Jeff Jones
jeffrhysjones at mac.com
Sun Apr 19 10:15:34 -05 2009
Hi Michael,
Two questions!
1) I have read the RH advisory, but can't seem to figure out what sort
of access an attacker would need to execute this exploit? Is HTTP
enough? If I only have HTTP open on my BX installation - would that be
vulnerable, or does an attacker need shell?
2) I use the full ISO version of BX, but installed on a VM on XEN.
Would this mean that udev is installed by default? Is it safe to just
un-install it?
I'm not particularly familiar with udev, so hence my questions!
Cheers,
Jeff
More information about the Blueonyx
mailing list