[BlueOnyx:01100] Re: udev security vulnerability: RHSA-2009:0427-01 / CVE-2009-1185
Michael Stauber
mstauber at blueonyx.it
Sun Apr 19 12:35:19 -05 2009
Hi Jeff,
> 1) I have read the RH advisory, but can't seem to figure out what sort
> of access an attacker would need to execute this exploit? Is HTTP
> enough? If I only have HTTP open on my BX installation - would that be
> vulnerable, or does an attacker need shell?
Local access is required. However, scripts (PHP, Perl, Python, whatever) that
can spawn shells or execute system commands could be used as a proxy.
> 2) I use the full ISO version of BX, but installed on a VM on XEN.
> Would this mean that udev is installed by default?
Yes, if you use the CD for the install, then udev will be installed. Just run
"yum update" and it'll sort it out then.
> Is it safe to just un-install it?
No! Otherwise you'll lose your Unix devices /dev/random, /dev/pty*, /dev/null
and so on. Linux wouldn't really like that. :o)
--
With best regards
Michael Stauber