UGN Security Forums UGN Security: Knowledge Base Operating Systems *nix & *nix Security Linux 7.1, 7.2 Vulnerabilities

Hi all,

Does anyone know of any new vulnerabilities for Linux 7.1 or 7.2?

Thankyou

Welcome,

I'm ain't an expert but I think it depends of the distribution of linux is installed (Ex: Redhat, Mandrake, Slackware, etc..)

Looking for exploits for the Redhat version.

There are multiple sites that you can search for exploits at. Try security-focus.com bugtraq, securiteam.com, neworder.box.sk, google.com, yahoo.com, etc etc.

Bugtraq is great for finding out about new vulns for various OSes and programs. Sometimes they have exploits along with them, sometimes not. PacketStorm has a lot of exploits, tools, and security papers. You'll find OS specific exploits along with application specific exploits.

Your not going to find an OS vulnerability for linux like you would with windows, most of the time the vulnerability is with the services that are running. Find out what services the machine has running and then cross reference those with the OS version. Most of the time when a vulnerability is released for a certain service a list of OS's is give a long with it. You might want to run a scanner like nessus against it. It will tell you about most vulnerabilities that are open on the machine, although Im its not constantly updated and new ones are released daily, it will give you a good idea of what you can do.

Moved to Unix Security.

dont worry about those exploitz. if you dont even know that there are different companies who "make" linux (actualy, they just pack new kernel/tools and installer) then you are also too dumb to run them. no, its not like double-clicking like it is in windows, sorry.

------------------------------------------------
think before you act.

If you don't know much about Linux, Mandrake is a good company to start with. THen when you build on knowledge you can further do more with Mandrake (good from n00bs to vets). A lot more stuff out there. www.linuxnewbies.com

http://www.linux.org/

www.mandrake.com

The version numbers change often, newer stuff come along. Red Hat and Mandrake are already past 8.

A lot of others, let us know if need more etc.

Dude, I can't believe I'm seeing this thread being treated seriously.

Firstly: Linux 7.1? Linux isn't versioned, the kernel is sometimes referred to as linux, and that's around the 2.x stages right now. You need to be specific, as you posted after a query: Redhat 7.1

Secondly: There are millions of sources where you could learn about vulns specific to a linux distro. The first place I'd look is www.redhat.com . A quick search ("7.1 bug") turns up this page: http://rhn.redhat.com/errata/rh71-errata-bugfixes.html , where you can look at bugs. Now, if you want to get serious about it, you do another search ("7.1 security") - and that turns up http://rhn.redhat.com/errata/rh71-errata-security.html which is a mojo of information.

If you're too stupid to look to redhat, you could try google; I got this page: http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=redhat+7%2E1+security ("redhat 7.1 security") and BAM you get tons of security problems with redhat 7.1.

Now, if I really want to be a b4d455 haX0r, I'll go to the hardcore site PacketStorm (http://www.packetstormsecurity.org/) and do almost the exact same search ("redhat 7.1" and ""redhat 7.1"" <-- dont forget the quotes!) to turn up even MORE security stuff.

Have fun. Make sure you learn enough to cover your tracks before you hack whatever gheyass system you're trying to root; because hacking is 5% attack and 95% cover [censored].

Well it's not question of being serious, what's serious or not about this... Fact is he is curious and he wants to learn. Yet thanks for the input and I am sure he will be checking the URLs out.

So much truth.