Announcement

Collapse
No announcement yet.

Mambo Exploit Blocked by SELinux

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Chousho
    replied
    Yeah, well this is interesting to me, as I thought it was mainly to prevent against network vulnerabilities and executable files. While parts of this article went over my head, I'm bookmarking it to refer back to as I learn the ins and outs of Linux.

    Thanks again for the great find. It caused me to read up on SELinux, and I discovered it was actually a project from the US Government (DoD). Adds some interest, as well.

    Leave a comment:


  • DelphiVillage
    replied
    this is something i have always warned for mambo , joomla , wordpress etc are all full of holes still people are crazy enough to continue using them i can't understand why

    Leave a comment:


  • zhaoke
    replied
    My pleasure. Huh..

    Leave a comment:


  • Chousho
    replied
    Ooh, thanks for the link. This is pretty interesting.

    Leave a comment:


  • zhaoke
    started a topic Mambo Exploit Blocked by SELinux

    Mambo Exploit Blocked by SELinux

    Linux Journal have published an interesting article, Mambo Exploit Blocked by SELinux, by Richard Bullington-McGuire.

    Mambo is a CMS written in PHP. At some point, the code was vulnerable to a worm, which breached Richard's system. His article details how this breach was both detected and contained with SELinux, as configured with the default targeted policy under RHEL4.

    It demonstrates one of the core goals of SELinux, which is to prevent flawed software from being exploited by malware. In this case, the payload was delivered into the system via a third party PHP application, but was then prevented from doing any damage.

    The article is also useful generally as an example of computer forensics procedures.

    http://interactive.linuxjournal.com/article/9176

Related Topics

Collapse

Working...
X