Out of morbid curiosity:
ldoolitt at recycle.lbl.gov
Thu May 18 20:09:11 UTC 2006
Rob -
On Thu, May 18, 2006 at 03:45:17PM -0400, Rob Landley wrote:
> Does anybody have an idea what these idiots are blathering about?
> http://securitytracker.com/alerts/2004/May/1010272.html
All they did was read SuSE-SA:2004:012.
http://www.novell.com/linux/security/advisories/2004_12_mc.html
The only relevant (to us) section is
    2) Pending vulnerabilities in SUSE Distributions and Workarounds:
        - sharutils [chop]
        - xine, xine-lib, xine-ui [chop]
        - sysconfig [chop]
        - clamav [chop]
        - exim [chop]
        - utempter [chop]
        - busybox
          Busybox does not handle netlink sockets correctly, which allows
          local attackers to spoof netlink messages to the busybox process
          New packages are available on our FTP servers.
        - monit [chop]
        - ethereal [chop]
        - kphone [chop]
> I mention this because reading it gives me no idea what vulnerability they're
> talking about (we use netlink? Where? For what?) It's 2 years old, they
> apparently never bothered to report it to _us_, they provide no means to ask
> for more information...
Try sending an email to Thomas Biege; his name and e-mail are at
the top of the SUSE advisory.
I also find
http://rpmfind.net/linux/RPM/suse/9.3/i386/suse/i586/busybox-debuginfo-1.00-3.i586.html
a changelog entry
    * Tue May 11 2004 - nashif at suse.de
    - Bug #39461 - Fixes netlink vulnerability
right before they updated to 1.00-rc1.
Maybe this in combination with Bernhard's pointer can help
figure out what happened two years ago.
- Larry