Sina Technology News, afternoon of December 21: According to Taiwanese media reports, an authentication-bypass zero-day vulnerability has been found in the Linux boot manager Grub 2, and an attacker only needs to press the Backspace key 28 times to break into any Linux operating system. GRUB (Grand Unified Bootloader) 2 is the boot manager used by most Linux operating systems and is an important part of password protection. Hector Marco, a researcher from the Cybersecurity Group at the University of Technology of Valencia, and Ismael Ripoll discovered an integer underflow vulnerability in Grub 2, tracked as CVE-2015-8370. An attacker who successfully exploits this vulnerability can enter GRUB's Rescue Shell to elevate privileges, copy disk information, install a rootkit, or destroy any data, including GRUB itself.
The researchers found that the attack method for this vulnerability is quite simple: press the Backspace key 28 times in a row when GRUB asks for a username, and the Rescue Shell opens. IT administrators can use the same method to check their own systems: if the system reboots or enters rescue mode, it has the vulnerability. GRUB 2 has had this vulnerability from version 1.98, released in December 2009, to version 2.02 in December 2015, but the attacker needs direct contact with the machine to carry out the attack. Linux distributors, including Red Hat, Ubuntu, and Debian, have quickly patched the vulnerability, and Marco and Ripoll have provided emergency patches for download and installation.
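The integer underflow described above, as an added illustration that is not GRUB's source code: a model of a username prompt showing what 28 Backspace presses on an empty field do to a length counter that is decremented without a zero check, next to a checked version. The unsigned counter, the function names, the 8-byte buffer and the key sequence are assumptions constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>

#define NAME_BUF 8   /* constructed buffer size for this model */

/* Model of the flawed loop: Backspace decrements the unsigned length with no
 * check for zero. Only the counter is tracked and no memory is written, so
 * the model is safe to run. Returns the final counter value. */
unsigned int unchecked_len(const char *keys, size_t nkeys)
{
    unsigned int cur_len = 0;
    for (size_t i = 0; i < nkeys; i++) {
        if (keys[i] == '\b')
            cur_len--;                    /* at 0 this wraps to UINT_MAX */
        else if (cur_len < NAME_BUF - 1)
            cur_len++;
    }
    return cur_len;
}

/* Hardened loop: Backspace is ignored on an empty buffer and printable keys
 * are dropped once the buffer is full. buf must hold NAME_BUF bytes.
 * Returns the final length of the NUL-terminated name. */
unsigned int checked_read(const char *keys, size_t nkeys, char *buf)
{
    unsigned int cur_len = 0;
    for (size_t i = 0; i < nkeys; i++) {
        if (keys[i] == '\b') {
            if (cur_len > 0)
                cur_len--;
        } else if (cur_len < NAME_BUF - 1) {
            buf[cur_len++] = keys[i];
        }
    }
    buf[cur_len] = '\0';
    return cur_len;
}

int main(void)
{
    char keys[30], buf[NAME_BUF];
    for (int i = 0; i < 28; i++) keys[i] = '\b';   /* constructed input */
    keys[28] = 'o'; keys[29] = 'k';
    printf("unchecked counter: %u\n", unchecked_len(keys, 28));
    printf("checked length:    %u (\"%s\")\n", checked_read(keys, 30, buf), buf);
    return 0;
}
```

In a real input routine the wrapped counter would be used as a buffer index, which is why the decrement needs the zero check.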
Original: http://tech.sina.com.cn/it/2015-12-21/doc-ifxmttme6048783.shtml