One hacker command can attack all Linux systems

On the same day of Microsoft's menstruation Day (8.11) this month, foreign hackers taviso and julien disclosed a vulnerability that can attack all new and old Linux systems, including but not limited to RedHat, CentOS, and Suse, debian, Ubuntu, Slackware, Mandriva, Gentoo and its derivative systems. Hackers only need to execute one command to obtain the root permission through this vulnerability. Even if SELinux is enabled, this vulnerability does not help. How simple is the Attack Vulnerability? Let's look at the figure below and see the truth.

 

As shown in, using this vulnerability is extremely simple and affects all Linux kernels. baoz strongly recommends that system administrators or security personnel refer to the following temporary repair solutions to prevent Linux system attacks.

1. Use Grsecurity or Pax kernel security patches and enable KERNEXEC protection.

2. Upgrade to 2.6.31-rc6 or 2.4.37.5 or later.

3. If you are using a RedHa tEnterprise Linux 4/5 system or Centos4/5 system, you can use the following simple operations to prevent attacks.

Add the following content to the/etc/modprobe. conf file:

Install pppox/bin/true

Install bluetooth/bin/true

Install appletalk/bin/true

Install ipx/bin/true

Install sctp/bin/true

Obviously, the third solution is relatively simple and effective, with minimal impact on your business. If you are not familiar with compiling and installing the Linux kernel, do not use the first two solutions, otherwise, your system may never start.