New Linux security hole found
A Linux bug was recently uncovered by a young Norwegian programmer that, when exploited by a simple C program, could crash most Linux 2.4 or 2.6 distributions running on an x86 architecture.
"Using this exploit to crash Linux systems requires the (ab)user to have shell access or other means of uploading and running the program—like cgi-bin and FTP access," reports the discoverer, Øyvind Sæther.
"The program works on any normal user account, and root access is not required," Sæther reported. "This exploit has been reported used to take down several 'lame free-shell providers' servers. [Running code you know will damage a system intentionally and hacking in general] is illegal in most parts of the world and strongly discouraged."
By Steven J. Vaughan-Nichols at eWeek.
[ Read more ]