One shoot remote root for Linux?

While I am the first, I am sure soon I will just be one among thousands blogging this.

Sometimes news finds us in mysterious yet obvious ways.

HD Moore set a status which I noticed on my twitter:

@hdmoore reading through sctp_houdini.c - one-shot remote linux kernel root - http://kernelbof.blogspot.com/

I asked him about it on IM, wondering if it is real:
"looks like that
but requires a sctp app to be running"

Naturally, I retweeted.

I left a comment on the guy's blog:

It's always nice to have good and talented people show us how we forget the obvious, continually. This somehow brings memories of Ciscogate to mind, but just by similarity of the original DoS vulnerability story.

Thanks for your work and for keeping full disclosure alive and well (where responsible). Everyone should be patched by now, unless they don't believe DoS vulns to be "important enough".

Signed,

@gadievron

Reimage named "Cool Vendor" by Gartner. They are COOL

My friend Zak Dechovich started a startup named Reimage and I am very exited because Reimage was just named by Gartner as a "cool vendor".

While I was a disbeliever at the very beginning, I saw the light. I am VERY excited Reimage does. They are COOL.

The original idea behind the company was to help US, the computer savvy folk who have to fix our family's computers all the time, by creating easy to use software that does it for us.

While it originally was unintentional, they remove a lot of malware while they are at it. Making it a very useful security product to boot.

Reimage's web site:
http://www.reimage.com/

Gadi Evron,
ge@linuxbox.org.

Follow me on twitter! http://twitter.com/gadievron