Peaches Posted April 24, 2009 Report Share Posted April 24, 2009 23 April 2009, 11:28Linux cache poisoning attacks easier than on Windows? An anonymous security expert on the Microsoft Subnet blog has published sample code for a cache poisoning attack on Linux. The work was based on Joanna Rutkowska's previously announced attack on Intel's System Management Mode, explained in detail in an Invisible Things Lab paper.The anonymous writer was surprised how easy the attack was and noted the exploit code was neither unusual or particularly complex. The aim of the attack is to obtain access to the usually well-secured are of memory used by the system management mode through modification of the Memory Type Range Registers (MTRR) and obtain space to place a rootkit, which would allow the attacker to gain control of the hypervisor or operating system. Root privileges are needed to execute the attack.The published sample code is for a Linux operating system running on an Intel DQ35 motherboard with 2GB of RAM. It appears that the Linux root user is given amazingly easy access to the Memory Type Range Registers. The blogger admits this attack could also be performed in Windows, but that it requires much more effort and know-how. (djwm) Heise security - http://www.h-online.com/security/Linux-cac...s--/news/113135 Quote Link to post Share on other sites
iccaros Posted April 24, 2009 Report Share Posted April 24, 2009 wow, spreading FUD now. .I understand Peaches that you are not the author, but come on this story comes from MS and was shot down last week as not really a security problem, why..first you need physical access to the machine. you also need to have the root account on the machine.. if you have both of these you do not need to write an exploit you own the machine.. also you need a specific intel chipset.. this who 'exploit' is nothing more than a user with root access can simply write to memory in Linux while on windows there is no tool to do so, so this makes it harder?just like on a linux machine if I am root I cam ifconfig eth0:0 and mutihome my network card.. windows has no command to do this, only with special drivers can you do it.. so its not an explit if you have to be root to do it.. Quote Link to post Share on other sites
iccaros Posted April 24, 2009 Report Share Posted April 24, 2009 I should say, That Peaches is just posting security violations so we can be a aware of them, and my comments on FUD are directed towards the MS blogger. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.