quote:
Originally posted by VexBlade:
Linux has more holes then windows.
And the earth is flat.
quote:
If you ever come across a site on exploiting or that has verious exploits look at what systems they are for. 85% are Linux systems, and just look at Apache and all the modules bundled with it most vulnerabilities are found in those modules
Here are just a few linux holes
quote:
1.
Linux kernel versions 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 have an integer overflow in setsockopt MCAST_MSFILTER. Proper exploitation of this vulnerability can lead to privilege escalation.
Yes, those were patched and most never make it to the finnal distro.
quote:
2.
PaX with CONFIG_PAX_RANDMMAP for Linux 2.6 denial of service proof of concept exploit the send the kernel into an infinite loop.
Again this was the test kernel. Just before its initial release.
quote:
3.
Local root exploit for Squirrelmail's chpasswd utility. Tested on GNU/Debian with kernel 2.4.24 and on RH 9.0 shrike with kernel 2.4.20.
key words here 'local.' I doubt a skript kiddiot is gonna clime through my kitchen window.
quote:
4.
X-Chat versions 2.0.8 through 1.8.0 remote exploit that makes use of a buffer overflow in the SOCKS-5 proxy code. Successful exploitation binds a shell to port 7979.
An IRC application. if we are going to compare Linux vs Windows apps then double the amount of holes in windows.
5.
quote:
Linux eXtremail versions 1.5.9 and below remote root exploit that makes use of a format string vulnerability in its logging mechanism.
Again patches are avilable. Exploit not in use. But doesn't hurt to be safe.
quote:
And the list goes on and on. Yes you will find alot of exploits in windows. But this is just for the people that say linux does not have holes, and is o so superior, blah fucking blah open your eyes.
Have done. Compare this to the BILLIONS of infected windows machine with the latest 0wn3d32.worm. Which explot the same holes over and over again.
linux does have 'holes,' but unlike windows the patches not only fixes those holes but THE ACTUALY WORK!!! they don't lock up the entire system by breaking something in the OS.
If you look, you will also notice that people post these when they check code so peoplpe have a chance to correct it on the up comming version and finnaly ALWAYS provide a link if you are going to spout off something.