Is #Grinch really a #Vulnerability ? Researchers at Alert Logic have recently uncovered another vulnerability which is no less than another “#ShellShock” for #Linux users. The new vulnerability is dubbed as “Grinch”, after the the holiday season and Dr. Seuss Character. The #vulnerability allows for escalation-of-privilege attacks in versions of Linux that use the poolkit toolkit for privilege authorization. However, this flaw is actually a real vulnerability or not, is debatable. Experts at #TrendMicro have posted an article raising questions about this vulnerability. According to a blog post by SANS, the flaw is discussed and described as more a “common overly permissive configuration of many Linux Systems.” Further Red Hat describes it as “expected behavior”. We would like to tell our readers, that this vulnerability was first discovered by an independent researcher a month ago, which he called PackageKit Privilege Escalation. According to Trend Micro, the scope of this vulnerability is very limited. Grinch can’t be exploited remotely because of the fact that it requires attacker’s physical access to the server they want to attack. Further to add more, the attackers must have access to an account in the wheels group (i.e., already have elevated privileges as local administrators), polkit must be installed, and thePackageKit package management system must be in use. #CDI
Posted on: Thu, 18 Dec 2014 19:38:49 +0000