[dba-Tech] FW: FW: Linux flaw allows bypassing password

Rocky Smolin rockysmolin at bchacc.com
Wed Nov 16 15:57:26 CST 2016


John:

 

>From Noah.  Do you know if initramfs can be connected remotely?

 

r

 

From: Noah Sutton-Smolin [mailto:noahsutsmo at gmail.com] 
Sent: Wednesday, November 16, 2016 1:44 PM
To: Rocky Smolin
Subject: Re: FW: [dba-Tech] Linux flaw allows bypassing password

 

Was going to say that it's very low priority if it requires physical access, but there article says it's remotely available. That makes it much more serious. 

Unfortunately the article doesn't go into detail on how to make it usable remotely, because (as far as I remember, it's been a while) usually the initramfs terminal can't be connected to over the internet. 

 

On Wed, Nov 16, 2016, 09:54 Rocky Smolin <rockysmolin at bchacc.com> wrote:



-----Original Message-----
From: dba-Tech [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of
John R Bartow
Sent: Wednesday, November 16, 2016 9:43 AM
To: 'Discussion of Hardware and Software issues'
Subject: [dba-Tech] Linux flaw allows bypassing password
Importance: High

A hacker with little more than a minute can bypass the authentication
procedures on some Linux systems just by holding down the Enter key for
around 70 seconds.



http://thehackernews.com/2016/11/hacking-linux-system.html?utm_source=feedbu
rner
<http://thehackernews.com/2016/11/hacking-linux-system.html?utm_source=feedb <http://thehackernews.com/2016/11/hacking-linux-system.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29&_m=3n.009a.1367.kp0aof74zx.sxy> 
urner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+New
s+-+Security+Blog%29&_m=3n.009a.1367.kp0aof74zx.sxy>
&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+S
ecurity+Blog%29&_m=3n.009a.1367.kp0aof74zx.sxy



http://tinyurl.com/z87jtll



_______________________________________________
dba-Tech mailing list
dba-Tech at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/dba-tech
Website: http://www.databaseadvisors.com



More information about the dba-Tech mailing list