Posted on 06/20/2017 2:52:48 PM PDT by dayglored
For once, Windows users (and OS X users) can breathe easy -- this one is not for them.
You might want to do your own verification about the apparent non-susceptibility of OS X / macOS to this one. I can't tell from this article (since it doesn't say specifically), but it does not appear to apply to Mac and Windows.
Somebody HAD to do that. :-)
How many folks are still running 386 processors? AMD 64 I can see.
We have a Linux mainframe...not connected to the internet.
i386 refers to the chip architecture of 386, 486 and Pentium - in other words, virtually all Intel chips for the past 20 years.
This is a local privilege escalation vulnerability. The attacker has to have an account on the *nix machine and be able to log on as an ordinary user, in order to try to become root.
This is very different from attacks over the internet. While a user could log in remotely with SSH, he still needs an local ID and password to connect.
I’ve usually seen x86 used to refer to the family, 386 to refer to a specific version.
Does this affect Android, which is also based on Linux?
I still have an AMD Athlon XP 1200 running XP. I use it for usenet and some old games. FF won’t update, and the last K-lite wouldn’t install because of the lack of hw features.
Good question. Thundersleeps?
That's (almost certainly) a big negative there good buddy.
MacOS IS an officially branded UNIX which is based on darwin, a BSD variant.
I can't see how this would not effect MacOS, expect to hear about a patch very soon.
Ironically this is the 1 in a 1000 security vulnerability which does NOT involve Windows .... P.S. Here is an in depth linky about it for your inner geek (https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt )
I would think that if OS X / macOS was affected The articles offers would have mentioned it. It is certainly widely known that they are based on FreeBSD. I pinged swordmaker above to please double check.
Yes, but this is what they say in Linux-land, when they offer distros for download.
The author's of the article said there very well could be more OS's effected by this these are the only ones they have checked so far.
Believe me, I am not gleeful about this at all, I am a big MacOS user, but to be honest, I have seen Apple drag its proverbial feet on security fixes from time to time ...
So are they saying only local access as root can make this happen?
I’m gonna pass this on to my peeps on the job. But there are tons of ways of killing your linux server as root. Doesn’t require and exploit; just bad command line statements.
Ok, thanks. I probably need to download a new Puppy. That’s the only distro I regularly used.
No, local access as a non-root account, seeking to gain root access. Historically, there have been many ways to do this, but these holes have gradually been plugged.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.