Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Claranet Hacked due to Critical Hole in Linux

Following the revelation of critical vulnerability in Linux Kernel on February 10, 2008, the first UK victim availing of services of ISP (Internet Service Provider) Claranet is confirmed.

By exploiting a flaw in the sys_vmsplice kernel call that manages virtual memory, the hacker succeeded in acquiring root privileges to replace Claranet users' index.html files with his own calling card. The exploit came into light at around 6 p.m. on February 12, 2008.

Officials at Claranet said that malicious activity via exploitation of the flaw was spotted on the hosting platform that Claranet customers shared. However, in about 10 minutes, Claranet brought under control the malicious operations and even halted them. The ISP also locked the platform so that there could be no further damage.

Also by 10 am on February 13, 2008, a vendor's update was used to fully patch the shared hosting program. Nearly 1% of all Websites hosted on Claranet's shared program were forced to go offline to be soon reinstated by 1p.m on February 13, 2008 itself.

Earlier on February 14, 2008, software security vendor SecurityFocus uncovered 'critical' security vulnerabilities in Linux Kernel 2.6 in use by popular distributions. By exploiting the bugs, unauthorized users can write to and read kernel memory areas or access certain servers' resources.

Local users could also maliciously use these flaws to cause Denial-of-Service (DoS) conditions, acquire root privileges, or expose potentially sensitive data. The flaws influence all editions of Linux kernel right up to Linux 2.6.24.1, a version with a patch. Certain other software affected are distributions like Ubuntu, Red Hat, Turbolinux, SuSE, Debian, Mandriva etc.

According to Secunia, a firm that notifies on security, users changing their Linux kernel versions to either 2.6.23.16 or 2.6.24.2 can prevent attacks. However, those who don't want to upgrade can use hotfixes to close the holes. The flawed system call made its first appearance in Linux kernel version 2.6.17 but was exploited only with changes in version 2.6.23.

Vendors for Linux said they are on the job to find a permanent remedy to the issue while Claranet goes on monitoring disclosures of new security flaws and works on their patches.

ยป SPAMfighter News - 22-02-2008

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next