New Adobe Flash Bug Being Exploited | threatpost
So as a Linux user how can my computer be compromised by these active exploits. I don’t want to sound dumb but I really don’t know. I don’t use Acroread I use Ocular but my wife does on her 11.1 box but we both use Flashplayer quit a bit. Can I be rooted by these kinds of exploits or not?
In the worst case you have to assume that any program that has a hole will give the attacker access as the user of the program. Which means that it could delete your files, steal your mail contacts, anything you could do as yourself. You can work out the ramifications of that and understand why people in these forums advise to minimise the time spent logged in as root.
Flashplayer is probably the more critical one since one is never quite sure who provided a video at any of those sharing sites. But you could also get hit from a PDF document if it has been uploaded by an attacker.
I really hate how sloppy Adobe is. There must have been about one patch per month or so for a long time.
Still trying to work out how nsunday.exe ~temp.bat and nsunday.dll will work on my system…?
contagio: CVE-2010-3654 Adobe Flash player zero day vulnerability
No kidding.
Perhaps you would like the attacker to upload nsunday, temp.sh and nsunday.so?
They mention MAC OS/X, Linux, Solaris, UNIX but their target does indeed stipulate .exe .dll .com .bat which in the *nix world the .bat holds the only danger unless the *nix is running Windows in a virtualbox as Root! and with virtualbox given system wide access. When I was playing a flashplayer file about a month back, I did see adobe trying to load and run .dll’s under Linux but all that happened was an entry in /var/log about failed attempt to access the C:\windows\system32\xxx.dll and a warning in adobe about pluggin could not be loaded some features may not be available.
IMHO .bat which are scripts of a sort are the only real threat to Linux but if using virtualbox, all are of concern.
On Fri, 29 Oct 2010 03:06:02 +0000, techwiz03 wrote:
> IMHO .bat which are scripts of a sort are the only real threat to Linux
> but if using virtualbox, all are of concern.
Virtualbox, VMware, WINE, QEMU - pretty much all those options would be a
concern, not just VB. 
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
I have been wanting to start a rant about Adobe for a while now.
Is there a way to do .flv in Firefox in any other way but Flush or Shocknave?
Their plugin is absolute garbage. I’ve never seen such poor performance from a single piece of software.
Does it have to be 14MB? What does it do that VLC doesn’t? Why can’t we use VLC plugin to handle these blotchy, choppy, ugly, poorly compressed web vids?
I guess VLC just doesn’t do blotchy, choppy, ugly, poorly compressed. OH WELL.
Adobe has, possibly illegally, cornered the market on blotchy, choppy, ugly, poorly compressed web vids and I’m pissed.
You should be too.
Where’s the 64b version? I tried it and It don’t work. HA, losers. That’s right I just called you Adobe losers losers. Cause you ARE. All the money in the world and this is all you can come up with?
You don’t seem to putter around when it comes to getting OVERPRICED software licenses out to the gullible masses.
Because of GIMP and Blender and Okular I DON’T NEED YOU.
AT ALL. NEVER FOR ANYTHING.
EXCEPT FLASH PLAYER.
AND IT RUNS LIKE ****.
****!
Sorry, I went off topic.
I just started a new thread for this in Soapbox. It is more comfy there.
P.S. Love the forums here.
Thanks
The issue is really whether the attacker can inject attacker specified code and get it to execute. The extensions of the file are not an indication that Linux is safe. It may be that an example exploit was created only for Windows.
Of course there may be other barriers on Linux to getting exploit code to execute, but any potential to run exploit code, whatever the name of the file, is of concern.
All good distros take Flashplayer vulnerabilities seriously and you will surely see updated packages soon.
Not only is Adobe’s code quality of concern but the fact that they have a near monopoly on this niche is an issue. I’d like to see HTML5 video take over some share of the market and diversify it.
They are going to have Flash player supporting HTML-5.
Flash player is a resource pig as well.
Yes the need to run code to execute flash is of concern. I agree, there must be a way in which a video can be run by all without requiring pluggins. I am thinking like raw data with tags for video part, sound part, etc… After all, we have gif which although is just animation, it has a data structure that plays nice regardless of the OS and does so without need of pluggins unless you count having to have a program that can read a gif.
On 2010-10-29 06:38, Jim Henderson wrote:
> On Fri, 29 Oct 2010 03:06:02 +0000, techwiz03 wrote:
>
>> IMHO .bat which are scripts of a sort are the only real threat to Linux
>> but if using virtualbox, all are of concern.
>
> Virtualbox, VMware, WINE, QEMU - pretty much all those options would be a
> concern, not just VB.
They would be a concern to the guest, not to the host - unless you configure them to share or have
access to shared folders in the host (and probably only those). If damage can be done to the host,
then that’s is a security bug of the virtualizer itself.
This is precisely one of the reasons to run guest machines: if they are hacked, you simply overwrite
the image.
Perhaps the virtualizer can be “jailed” with apparmour, for some extra protection.
Of course, a hacked guest can attempt to hack, via network, any machine it can reach, including the
host. So: firewall.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)
On 2010-10-29 08:06, ken yap wrote:
> Not only is Adobe’s code quality of concern but the fact that they have
> a near monopoly on this niche is an issue. I’d like to see HTML5 video
> take over some share of the market and diversify it.
And increasing. Now, when I go to an online radio, instead of it streaming the data, it opens a
flash window that does the streaming. At least it works on any operating system, which is a good
thing. Previously I always had problems with whatever plugin started (a xine variant, typically)
which could not extract the exact streaming url, designed to be found with iexplorer only.
So flash works, which is why it is so popular, and increasing. We can criticize it, with reason, but
the fact is, it works. I doubt html5 can cover all those needs.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)
On Fri, 29 Oct 2010 13:01:37 +0000, Carlos E. R. wrote:
> Of course, a hacked guest can attempt to hack, via network, any machine
> it can reach, including the host. So: firewall.
Well, one of the current bits of thinking is that root access isn’t such
a big deal (not that it’s not a big deal, mind), user-level access lets a
malicious program nuke your data, whereas root level access lets a
malicious program nuke everything. But the OS can be reinstalled. User-
level data? If it’s not backed up regularly, it can’t be recovered.
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
And for certain types of nefarious activity, user level accounts are just as good or better than root accounts to the cracker. Of course the spammers would love to get hold of root access. But them just getting access to your user account can be just as or more damaging to you. A user account can send out mass spam. They can raid your address book. They can steal identify information.
On Fri, 29 Oct 2010 20:36:02 +0000, ken yap wrote:
> And for certain types of nefarious activity, user level accounts are
> just as good or better than root accounts to the cracker. Of course the
> spammers would love to get hold of root access. But them just getting
> access to your user account can be just as or more damaging to you. A
> user account can send out mass spam. They can raid your address book.
> They can steal identify information.
Yep, absolutely correct.
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
I don’t understand why Flash player and Acroread can’t be sand boxed to prevent them from being constant security issues. Seem’s it’s time and money and Adobe has both they ought to apply to fixing their issues.
Adobe wants profits everything else is secondary!
Unfortunately flash has IMO become a necessary evil of the Internet.
Now maybe HTML5 isn’t the whole answer but Google is making some headway with VP8. That might be what puts Flash on the downswing.
Ok got me puzzled … Wikipedia under the term sandbox states a sandbox is a limited resource security system designed to prevent an application from direct access to system resources. The most common form is the applet which is used by Adobe with they’re acrobat reader and flash. So if the applet is supposed to be a restricted access form, and acrobat reader and adobe flash use it, and it is a form of sandbox, something is rotten in Denmark (not meant as an offense to the Danish).