Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Privacy

Journal Journal: Charter Communications To Start AD Hijacking

Today, I received a letter from Charter Communications citing new 'enhancements' that they are planning on sending my way. In the body of the letter, they gave a basic description of deep packet inspection, and AD hijacking.

I have never been a satisfied customer with Charter, its the least reliable internet access that I have used in several years. This letter just adds to my disappointment.
Red Hat Software

Journal Journal: Zeroday privilege escalation exploit In RedHat Linux

After fooling around with one of my freshly installed, fully patched Fedora linux systems, I found a serious flaw in autofs's configuration file, which can lead to lead to a local user gaining root access without a password in an "out of the box install".

After looking further into the problem, I realized that this configuration vulnerability also affects a default load of CentOS 5 (which is a direct clone of RHEL 5, RedHat's current enterprise linux platform). Coupled with a common PHP script vulnerability, this flaw might even open the door for arbitrary code to be executed as root, from remote, on a webserver.

While /net seems like a nice little feature, it allows any user, with access minimal access on a system, to mount remote nfs filesystems. Is that really the type of power sysadmins need to give to their users?

Slashdot Top Deals

"No matter where you go, there you are..." -- Buckaroo Banzai

Working...