lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <3af3d47c1002050317j7426ebc8la992ed698a8fd25@mail.gmail.com>
Date: Fri, 5 Feb 2010 12:17:31 +0100
From: Christian Sciberras <uuf6429@...il.com>
To: Lucio Crusca <lucio@...web.org>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [SECURITY] [DSA-1988-1] New qt4-x11 packages
	fix several vulnerabilities

As far as I know it's been done. The question isn't writing a virus
for linux, but rather attacking linux.
Pirus, ran on linux since linux comes bundled with PHP, as other
script virii. Linux also supports a lot of scripting languages, unlike
Windows which supports less (batch/js/vb/hta).
This doesn't implying anything except that desktop linux doesn't yet
have a wide user base to make it relevant to malware writes.
On the other hand, linux servers are attacked a lot, and if memory
serves me right, a lot more then Windows ones.

Cheers.



On Fri, Feb 5, 2010 at 8:01 AM, Lucio Crusca <lucio@...web.org> wrote:
> Giuseppe Iuculano wrote:
>
>> CVE-2009-0945
>>
>> CVE-2009-1687
>>
>> CVE-2009-1690
>>
>> CVE-2009-1698
>>
>> CVE-2009-1711
>>
>> CVE-2009-1712
>>
>> CVE-2009-1725
>>
>> CVE-2009-2700
>
>
> Hmmm, 7 remote vulns in qt4 that allow execution of arbitrary code plus 1
> mitm. How far is the day when someone will write a virus for Linux desktops?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ