| Gönderen: |
"Lewis Rosenthal" <ecs-isp@2rosenthals.com> |
Tam Ba?l?klar
Çözülmemi? ?leti |
| Konu: |
Re: [eCS-ISP] "A vulnerability has been discovered in glibc" |
| Tarih: |
Mon, 12 Feb 2024 18:27:22 -0500 |
| Alacak: |
eCS ISP Mailing List <ecs-isp@2rosenthals.com> |
|
|---|
Apologies for the top post...
Assuming an attacker could get in behind the firewall, the defect allows the attacker to obtain elevated privs. OS/2 is a rooted OS anyway, so priva for everyone are already elevated.
For those of us running OS/2, this appears to be much ado about nothing.
Watch for a blog post from Arca Noae about this in the near future.
On February 12, 2024 6:14:45 PM EST, Peter Moylan <ecs-isp@2rosenthals.com> wrote:
>On 13/02/24 09:40, Massimo S. wrote:
>> Hi all,
>>
>> this could be a risk for our systems?
>>
>> thanks
>>
>> https://www.kaspersky.com/blog/cve-2023-6246-glibc-vulnerability/50369/?reseller=sea_regular-sm_acq_ona_smm__onl_b2b_twi_lnk_sm-team______&utm_source=twitter&utm_medium=social&utm_campaign=apac_regular-sm_ab0218&utm_content=link&utm_term=apac_twitter_organic_sfvpg2189o8cjup
>>
>> short url:
>>
>> https://is.gd/LKBxIt
>>
>> massimo
>>
>>
>
>The attacker must first have access to your system. Thus, you should be safe unless you're allowing remote users to log in using something like SSH.
>
>I can confirm that my SFTPD does not use glibc.
>
--
Lewis
|