Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Journal Journal: Charter Communications To Start AD Hijacking

Today, I received a letter from Charter Communications citing new 'enhancements' that they are planning on sending my way. In the body of the letter, they gave a basic description of deep packet inspection, and AD hijacking.

I have never been a satisfied customer with Charter, its the least reliable internet access that I have used in several years. This letter just adds to my disappointment.
Red Hat Software

Journal Journal: Zeroday privilege escalation exploit In RedHat Linux

After fooling around with one of my freshly installed, fully patched Fedora linux systems, I found a serious flaw in autofs's configuration file, which can lead to lead to a local user gaining root access without a password in an "out of the box install".

After looking further into the problem, I realized that this configuration vulnerability also affects a default load of CentOS 5 (which is a direct clone of RHEL 5, RedHat's current enterprise linux platform). Coupled with a common PHP script vulnerability, this flaw might even open the door for arbitrary code to be executed as root, from remote, on a webserver.

While /net seems like a nice little feature, it allows any user, with access minimal access on a system, to mount remote nfs filesystems. Is that really the type of power sysadmins need to give to their users?

Slashdot Top Deals

A computer without COBOL and Fortran is like a piece of chocolate cake without ketchup and mustard.