New Adobe Flash and PDF exploit, How does it effect me?

**FlameBait** · 28-Oct-2010, 16:26

New Adobe Flash Bug Being Exploited | threatpost

So as a Linux user how can my computer be compromised by these active exploits. I don't want to sound dumb but I really don't know. I don't use Acroread I use Ocular but my wife does on her 11.1 box but we both use Flashplayer quit a bit. Can I be rooted by these kinds of exploits or not?

**ken_yap** · 28-Oct-2010, 17:44

In the worst case you have to assume that any program that has a hole will give the attacker access as the user of the program. Which means that it could delete your files, steal your mail contacts, anything you could do as yourself. You can work out the ramifications of that and understand why people in these forums advise to minimise the time spent logged in as root.

Flashplayer is probably the more critical one since one is never quite sure who provided a video at any of those sharing sites. But you could also get hit from a PDF document if it has been uploaded by an attacker.

I really hate how sloppy Adobe is. There must have been about one patch per month or so for a long time.

**malcolmlewis** · 28-Oct-2010, 17:57

Still trying to work out how nsunday.exe ~temp.bat and nsunday.dll will work on my system....?
contagio: CVE-2010-3654 Adobe Flash player zero day vulnerability

**FlameBait** · 28-Oct-2010, 19:08

Originally Posted by malcolmlewis

Still trying to work out how nsunday.exe ~temp.bat and nsunday.dll will work on my system....?
contagio: CVE-2010-3654 Adobe Flash player zero day vulnerability

No kidding.

**ken_yap** · 28-Oct-2010, 19:22

Originally Posted by malcolmlewis

Still trying to work out how nsunday.exe ~temp.bat and nsunday.dll will work on my system....?
contagio: CVE-2010-3654 Adobe Flash player zero day vulnerability

Perhaps you would like the attacker to upload nsunday, temp.sh and nsunday.so?

**techwiz03** · 28-Oct-2010, 20:43

Originally Posted by malcolmlewis

Still trying to work out how nsunday.exe ~temp.bat and nsunday.dll will work on my system....?
contagio: CVE-2010-3654 Adobe Flash player zero day vulnerability

They mention MAC OS/X, Linux, Solaris, UNIX but their target does indeed stipulate .exe .dll .com .bat which in the *nix world the .bat holds the only danger unless the *nix is running Windows in a virtualbox as Root! and with virtualbox given system wide access. When I was playing a flashplayer file about a month back, I did see adobe trying to load and run .dll's under Linux but all that happened was an entry in /var/log about failed attempt to access the C

windows\system32\xxx.dll and a warning in adobe about pluggin could not be loaded some features may not be available.

IMHO .bat which are scripts of a sort are the only real threat to Linux but if using virtualbox, all are of concern.

**hendersj** · 28-Oct-2010, 22:38

On Fri, 29 Oct 2010 03:06:02 +0000, techwiz03 wrote:

> IMHO .bat which are scripts of a sort are the only real threat to Linux
> but if using virtualbox, all are of concern.

Virtualbox, VMware, WINE, QEMU - pretty much all those options would be a
concern, not just VB.

Jim

--
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

**ConfederacyOfDunces** · 28-Oct-2010, 23:35

I have been wanting to start a rant about Adobe for a while now.

Is there a way to do .flv in Firefox in any other way but Flush or Shocknave?
Their plugin is absolute garbage. I've never seen such poor performance from a single piece of software.
Does it have to be 14MB? What does it do that VLC doesn't? Why can't we use VLC plugin to handle these blotchy, choppy, ugly, poorly compressed web vids?
I guess VLC just doesn't do blotchy, choppy, ugly, poorly compressed. OH WELL.
Adobe has, possibly illegally, cornered the market on blotchy, choppy, ugly, poorly compressed web vids and I'm pissed.
You should be too.
Where's the 64b version? I tried it and It don't work. HA, losers. That's right I just called you Adobe losers losers. Cause you ARE. All the money in the world and this is all you can come up with?
You don't seem to putter around when it comes to getting OVERPRICED software licenses out to the gullible masses.
Because of GIMP and Blender and Okular I DON'T NEED YOU.
AT ALL. NEVER FOR ANYTHING.
EXCEPT FLASH PLAYER.
AND IT RUNS LIKE ****.
****!

**ConfederacyOfDunces** · 28-Oct-2010, 23:57

Sorry, I went off topic.
I just started a new thread for this in Soapbox. It is more comfy there.

P.S. Love the forums here.

Thanks

**ken_yap** · 29-Oct-2010, 00:03

Originally Posted by techwiz03

They mention MAC OS/X, Linux, Solaris, UNIX but their target does indeed stipulate .exe .dll .com .bat which in the *nix world the .bat holds the only danger unless the *nix is running Windows in a virtualbox as Root! and with virtualbox given system wide access. When I was playing a flashplayer file about a month back, I did see adobe trying to load and run .dll's under Linux but all that happened was an entry in /var/log about failed attempt to access the C

windows\system32\xxx.dll and a warning in adobe about pluggin could not be loaded some features may not be available.

IMHO .bat which are scripts of a sort are the only real threat to Linux but if using virtualbox, all are of concern.

The issue is really whether the attacker can inject attacker specified code and get it to execute. The extensions of the file are not an indication that Linux is safe. It may be that an example exploit was created only for Windows.

Of course there may be other barriers on Linux to getting exploit code to execute, but any potential to run exploit code, whatever the name of the file, is of concern.

All good distros take Flashplayer vulnerabilities seriously and you will surely see updated packages soon.

Not only is Adobe's code quality of concern but the fact that they have a near monopoly on this niche is an issue. I'd like to see HTML5 video take over some share of the market and diversify it.