Security Vulnerabilities in Linux
There has been much hype over the years on whether Windows is better than ***** - or vice versa. Foremost concern of which are the security *****sues and stability ***** each of the operating system. "People keep having this delusion that ***** is a product. That, if you just buy some magic box, you'll have a progr*****m or an ***** system that's as secure as Fort Knox. It doesn't work that way. Security is a process, not a product. (Vaughan-Nichols, 2006)" But when it comes to security, vulnerabilities ***** the system is actually what comes ***** mind - and it ***** in ***** presence of these ***** that impact the *****all secur*****y of any system.
***** written ***** Petreley's Security Report: Windows vs. Linux, "The severity of security vulnerabilities, derived from ***** following metrics: damage potential (how ***** damage is possible?); exploitation potential (how easy is it to exploit?); and exposure potential (what kind of access is necessary ***** exploit the vulnerability?) - ***** the number of critically severe vulnerabilities. (Petreley, 2004)" The focal point of any operating system such as Linux is the "kernel." The kernel basically gives instructions to ***** *****or, which controls the computer, what processes to undergo.
In Linux, most of ***** vulnerabilities discovered have something ***** do with the kernel. One of ***** vulnerabilities reported early this year is the "Linux Kernel CIFS chroot Directory Traversal Vulnerability." This ***** kernel vulnerability "could be exploited by malicious users to bypass ***** restrictions. This flaw is due to an input validation error when processing arguments containing backslash ("\") characters passed to certain comm*****ds (e.g. "cd"), ***** could ***** exploited by authenticated attackers to escape chroot restrictions for a CIFS or SMBFS mounted filesystem. ***** vulnerability has been reported in versions prior ***** 2.6.16.11. (Holtmann, 2006)" The primary solution to ***** ***** is by updating ***** version 2.6.16.11. This update like most Linux patches and ********** ***** available at http://www.kernel.org.
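An added illustration, not taken from the essay or from the kernel source, of the class of input-validation error the quoted advisory describes: a traversal check that splits paths only on "/" and therefore misses ".." components delimited by backslashes. The function names and sample paths are assumptions constructed for this example.

```c
#include <stdio.h>
#include <string.h>

/* Returns 1 if resolving `path` relative to a root would climb above it.
 * `seps` is the set of characters treated as component separators. */
static int climbs_above_root(const char *path, const char *seps)
{
    int depth = 0;
    const char *p = path;

    while (*p) {
        size_t len = strcspn(p, seps);      /* length of next component */
        if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (--depth < 0)
                return 1;                   /* stepped above the root */
        } else if (len > 0 && !(len == 1 && p[0] == '.')) {
            depth++;                        /* ordinary name */
        }
        p += len;
        if (*p)
            p++;                            /* skip the separator */
    }
    return 0;
}

/* Hypothetical check that only knows the local "/" separator. */
int naive_check(const char *path)    { return climbs_above_root(path, "/"); }

/* Hypothetical check that also splits on "\", which the remote side honours. */
int hardened_check(const char *path) { return climbs_above_root(path, "/\\"); }

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "docs/../notes", "..\\..\\etc", "a\\..\\..\\b", "../x" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-16s naive=%d hardened=%d\n", samples[i],
               naive_check(samples[i]), hardened_check(samples[i]));
    return 0;
}
```

The naive check sees a backslash-delimited path as one ordinary file name, so it accepts input that the hardened check flags as leaving the root.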
Another "serious vulnerability has been found in the popular KDE open-source software bundle. The flaw, deemed 'critical, by ***** research outfit the French Security Incident Response Team, ***** allow a remote ********** to gain control over vulnerable systems. ***** is a desktop ***** package for Linux and UNIX systems and includes ***** Konqueror Web browser ***** other applications. ***** vulnerability lies in the JavaScript *****terpreter engine used ***** Konqueror and other parts of KDE, according to a security advisory posted Thursday. An attacker could craft a special UTF-8 encoded URI sequence ***** exploit the flaw, according to the advisory. For an attack to be successful, a person would have to visit the attacker's Web page using Konqueror, the FrSIRT said in its alert. Affected are KDE 3.2.0 up ***** ***** including KDE 3.5.0. Fixes are *****. (Evers, 2006)" The vulnerability can be fur*****r exploited by malicious people by initiating a DoS (Denial of Ser*****) attack or compromise a user's system. Upd*****ting of ***** and installing of quick fixes are the ***** solutions to this



