<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font size="+1"><font face="Comic Sans MS">That sounds like a cover
story. Could this exploit be used to gain access to Linus
servers running Apache?<br>
<br>
BTW a DDOS attack made the news at noon on WUSA (old channel
9). They said it was large and affected the East Coast of the United
Snakes.<br>
<br>
<br>
RICHARD BARTH wrote on 10/21/2016 5:57 PM:
<blockquote type="cite">
<meta charset="UTF-8">
<p><span style="color: rgb(51, 51, 51); font-family:
helvetica, arial, sans-serif; font-size: 12pt;
background-color: transparent;">According to one review I
read, it was discovered some years ago and a fix prepared.</span><br>
</p>
<p><span style="color: rgb(51, 51, 51); font-family:
helvetica, arial, sans-serif; font-size: 12pt;
background-color: transparent;">It was dropped, though,
because the fix caused problems with one of the IBM
machines</span></p>
<p><span style="color: rgb(51, 51, 51); font-family:
helvetica, arial, sans-serif; font-size: 12pt;
background-color: transparent;">the software was commonly
run on, and the bug wasn't considered to be a big one at </span></p>
<p><span style="color: rgb(51, 51, 51); font-family:
helvetica, arial, sans-serif; font-size: 12pt;
background-color: transparent;">the time.</span></p>
<p><span style="color: rgb(51, 51, 51); font-family:
helvetica, arial, sans-serif; font-size: 12pt;
background-color: transparent;"><br>
</span></p>
<p><span style="color: rgb(51, 51, 51); font-family:
helvetica, arial, sans-serif; font-size: 12pt;
background-color: transparent;">Dick</span></p>
<blockquote type="cite">On October 21, 2016 at 5:46 PM Jason
Wright <a class="moz-txt-link-rfc2396E" href="mailto:jason@thought.net"><jason@thought.net></a> wrote:<br>
<br>
<p>A friend and I spent some time looking at a proof of
concept exploit of this vulnerability this afternoon.
Nasty... Essentially it provides a pivot from unprivileged
user to root by allowing the corruption of a cached page
that is supposed to be read only (copy on write). It's
pretty clever and because it doesn't corrupt the file on
disk, not easily traceable.</p>
<p>--Jason Wright</p>
<div class="ox-522fb6bcfb-gmail_extra"><br>
<div class="ox-522fb6bcfb-gmail_quote">On Oct 21, 2016
2:20 PM, "RICHARD BARTH" <<a
href="mailto:w3hwn@comcast.net"><a class="moz-txt-link-abbreviated" href="mailto:w3hwn@comcast.net">w3hwn@comcast.net</a></a>>
wrote:<br>
<blockquote>
<div>
<p><br>
</p>
<blockquote type="cite">---------- Original Message
----------<br>
From: US-CERT <<a
href="mailto:US-CERT@ncas.us-cert.gov"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:US-CERT@ncas.us-cert.gov">US-CERT@ncas.us-cert.gov</a></a>><br>
To: <a href="mailto:w3hwn@arrl.net"
target="_blank">w3hwn@arrl.net</a><br>
Date: October 21, 2016 at 2:20 PM<br>
Subject: Linux Kernel Vulnerability<br>
<br>
<table style="border-collapse: collapse;"
class="ox-522fb6bcfb-m_2238678406295053627mce-item-table
mce-item-table" align="center" border="0"
cellpadding="0" cellspacing="0" width="700">
<tbody>
<tr>
<td style="padding: 0px;">
<p><img
src="cid:part4.01020305.00050807@comcast.net"
alt="U.S. Department of Homeland
Security US-CERT" style="width: 700px;
height: 100px;" height="100"
width="700"></p>
<p>National Cyber Awareness System:</p>
<p> </p>
<div
class="ox-522fb6bcfb-m_2238678406295053627ox-b484f92f20-rss_item"
style="margin-bottom: 2em;">
<div
class="ox-522fb6bcfb-m_2238678406295053627ox-b484f92f20-rss_title"
style="font-weight: bold; font-size:
120%; margin: 0 0 0.3em; padding: 0;"><a
href="https://www.us-cert.gov/ncas/current-activity/2016/10/21/Linux-Kernel-Vulnerability"
target="_blank">Linux Kernel
Vulnerability</a></div>
<div
class="ox-522fb6bcfb-m_2238678406295053627ox-b484f92f20-rss_pub_date"
style="font-size: 90%; font-style:
italic; color: #666666; margin: 0 0
0.3em; padding: 0;">10/21/2016 12:50
PM EDT</div>
<br>
<div
class="ox-522fb6bcfb-m_2238678406295053627ox-b484f92f20-rss_description"
style="margin: 0 0 0.3em; padding: 0;">Original
release date: October 21, 2016<br>
<p>US-CERT is aware of a Linux kernel
vulnerability known as Dirty COW
(CVE-2016-5195). Exploitation of
this vulnerability may allow an
attacker to take control of an
affected system.</p>
<p>US-CERT recommends that users and
administrators review the <a
href="https://access.redhat.com/security/cve/cve-2016-5195"
target="_blank">Red Hat CVE
Database</a>, the <a
href="http://people.canonical.com/%7Eubuntu-security/cve/2016/CVE-2016-5195.html"
target="_blank">Canoical Ubuntu
CVE Tracker</a>, and <a
href="https://www.kb.cert.org/vuls/id/243144"
target="_blank">CERT Vulnerability
Note VU#243144</a> for additional
details, and refer to their Linux or
Unix-based OS vendors for
appropriate patches.</p>
<hr>
<p>This product is provided subject to
this <a
href="http://www.us-cert.gov/privacy/notification"
target="_blank">Notification</a>
and this <a
href="http://www.us-cert.gov/privacy/"
target="_blank">Privacy & Use</a>
policy.</p>
</div>
</div>
<hr>
<table style="border-collapse: collapse;
width: 100%;"
class="ox-522fb6bcfb-m_2238678406295053627mce-item-table
mce-item-table" border="0"
cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="padding: 0px; color:
#757575; font-size: 10px;
font-family: Arial;" height="60"
width="89%">A copy of this
publication is available at <a
href="https://www.us-cert.gov"
target="_blank"><a class="moz-txt-link-abbreviated" href="http://www.us-cert.gov">www.us-cert.gov</a></a>.
If you need help or have
questions, please send an email to
<a href="mailto:info@us-cert.gov"
target="_blank">info@us-cert.gov</a>.
Do not reply to this message since
this email was sent from a
notification-only address that is
not monitored. To ensure you
receive future US-CERT products,
please add <a
href="mailto:US-CERT@ncas.us-cert.gov"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:US-CERT@ncas.us-cert.gov">US-CERT@ncas.us-cert.gov</a></a>
to your address book.</td>
</tr>
</tbody>
</table>
<table style="border-collapse: collapse;
width: 400px;"
class="ox-522fb6bcfb-m_2238678406295053627mce-item-table
mce-item-table" border="0"
cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="padding: 0px; color:
#666666; font-family:
Arial,sans-serif; font-size:
12px;" height="24" valign="bottom">OTHER
RESOURCES:</td>
</tr>
<tr>
<td style="padding: 0px; color:
#666666; font-family:
Arial,sans-serif; font-size:
12px;" height="24" valign="middle"><a
href="http://www.us-cert.gov/contact-us/" target="_blank">Contact Us</a>
| <a
href="http://www.us-cert.gov/security-publications"
target="_blank">Security
Publications</a> | <a
href="http://www.us-cert.gov/ncas"
target="_blank">Alerts and Tips</a>
| <a
href="http://www.us-cert.gov/related-resources"
target="_blank">Related
Resources</a></td>
</tr>
</tbody>
</table>
<table style="border-collapse: collapse;
width: 150px;"
class="ox-522fb6bcfb-m_2238678406295053627mce-item-table
mce-item-table" border="0"
cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="padding: 0px; color:
#666666; font-family:
Arial,sans-serif; font-size:
12px;" colspan="7" height="24"
valign="bottom">STAY CONNECTED:</td>
</tr>
<tr>
<td style="padding: 0px;" width="41"><a
href="http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new"
target="_blank"><img
src="cid:part18.08060906.03030100@comcast.net"
alt="Sign up for email
updates" style="width: 25px;
height: 25px;" border="0"
height="25" width="25"></a></td>
</tr>
</tbody>
</table>
<p style="color: #666666; font-family:
Arial,sans-serif; font-size: 12px;">SUBSCRIBER
SERVICES:<br>
<a
href="http://public.govdelivery.com/accounts/USDHSUSCERT/subscribers/new?preferences=true"
target="_blank">Manage Preferences</a> | <a
href="https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/one_click_unsubscribe?verification=5.b03cc84c90ac58ffb6e970add416fb2d&destination=w3hwn%40arrl.net"
target="_blank">Unsubscribe</a> |<wbr> <a
href="https://subscriberhelp.govdelivery.com/" target="_blank">Help</a></p>
<hr>
<table style="border-collapse: collapse;
width: 100%;"
class="ox-522fb6bcfb-m_2238678406295053627mce-item-table
mce-item-table" border="0"
cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="padding: 0px; color:
#757575; font-size: 10px;
font-family: Arial;" width="89%">This
email was sent to <a
href="mailto:w3hwn@arrl.net"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:w3hwn@arrl.net">w3hwn@arrl.net</a></a>
using GovDelivery, on behalf of:
United States Computer Emergency
Readiness Team (US-CERT) · 245
Murray Lane SW Bldg 410 ·
Washington, DC 20598 · <a
target="_blank">(888) 282-0870</a></td>
<td style="padding: 0px;"
align="right" width="11%"><a
href="http://www.govdelivery.com/portals/powered-by"
target="_blank"><img
src="cid:part25.08000201.01020306@comcast.net"
alt="Powered by GovDelivery"
style="width: 115px; height:
35px;" border="0" height="35"
width="115"></a></td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</blockquote>
</div>
<br>
______________________________<wbr>_________________<br>
Tacos mailing list<br>
<a href="mailto:Tacos@amrad.org">Tacos@amrad.org</a><br>
<a
href="https://lists.amrad.org/mailman/listinfo/tacos"
target="_blank"><a class="moz-txt-link-freetext" href="https://lists.amrad.org/">https://lists.amrad.org/</a><wbr>mailman/listinfo/tacos</a><br>
<br>
</blockquote>
</div>
</div>
_______________________________________________<br>
Tacos mailing list<br>
<a class="moz-txt-link-abbreviated" href="mailto:Tacos@amrad.org">Tacos@amrad.org</a><br>
<a class="moz-txt-link-freetext" href="https://lists.amrad.org/mailman/listinfo/tacos">https://lists.amrad.org/mailman/listinfo/tacos</a><br>
</blockquote>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Tacos mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Tacos@amrad.org">Tacos@amrad.org</a>
<a class="moz-txt-link-freetext" href="https://lists.amrad.org/mailman/listinfo/tacos">https://lists.amrad.org/mailman/listinfo/tacos</a>
</pre>
</blockquote>
<br>
<br>
</font></font>
<pre class="moz-signature" cols="72">--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
No electrons were harmed in the creation of this message
--------------------------------------------------------
~~~******************* Alex Fraser *******************~~~
--------------------------------------------------------
[[[[[[~~^^^#___=>>>```/\/\**O**/\/\```<<<=___#^^^~~]]]]]]
</pre>
</body>
</html>