Sunday, March 19, 2006

Most commonly exploited UNIX vulnerabilities?


Poor system administration practices

Reusable/poor passwords

Flawed SUID programs (e.g., rdist, binmail)

HTTP servers and CGI application vulnerabilities

Default "+" entries in the /etc/hosts.equiv file

NFS/NIS vulnerabilities

sendmail program bugs

Buffer overruns (e.g., gets(), syslog())

SUID shell scripts
