Linux's Systemd can be pwned via an evil DNS query
belham2

Joined: 15 Aug 2016
Posts: 1305

Posted: Thu 29 Jun 2017, 14:04    Subject: Linux's Systemd can be pwned via an evil DNS query

http://www.theregister.co.uk/2017/06/29/systemd_pwned_by_dns_query/

"Don't panic, but Linux's Systemd can be pwned via an evil DNS query..........PS, Alpine users, you need to get patching, too – for other reasons"

By Shaun Nichols in San Francisco 29 Jun 2017 at 01:44

Systemd, the Linux world's favorite init monolith, can be potentially crashed or hijacked by malicious DNS servers. Patches are available to address the security flaw, and should be installed ASAP if you're affected.

Looking up a hostname from a vulnerable Systemd-powered PC, handheld, gizmo or server can be enough to trigger an attack by an evil DNS service: the software's resolved component can be fooled into allocating too little memory for a lookup response......................................................
6502coder


Joined: 23 Mar 2009
Posts: 405
Location: Western United States

Posted: Thu 29 Jun 2017, 14:28

http://www.zdnet.com/article/linuxs-systemd-vulnerable-to-dns-server-attack

"Ubuntu maker Canonical has released a patch to address the issue....The bug, identified as CVE-2017-9445, could be used by a remote attacker to cause a denial of service in the daemon or execute arbitrary code."

"Debian developers note that the issue doesn't affect Debian Wheezy and Jessie, while Stretch and Buster are vulnerable. However, in Stretch's case, the issue is considered "minor" because systemd-resolved is not enabled by default."
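
Added example, not part of the thread or of any project quoted in it: the Debian note above turns on whether systemd-resolved is actually in use on a host. This script checks the two ways lookups reach it (the 127.0.0.53 stub listener in resolv.conf, or nss-resolve in nsswitch.conf) and, where systemctl exists, the unit state. The function names and the default file paths are this example's assumptions.

```shell
#!/bin/sh
# Added example: does this host send hostname lookups through systemd-resolved?

# Return 0 if the resolv.conf file ($1) lists the systemd-resolved stub listener.
# Commented-out lines do not count because their first field is "#".
uses_stub_listener() {
    awk '$1 == "nameserver" && $2 == "127.0.0.53" { found = 1 }
         END { exit !found }' "$1"
}

# Return 0 if the "hosts:" line of the nsswitch.conf file ($1) names nss-resolve.
uses_nss_resolve() {
    awk '$1 == "hosts:" { for (i = 2; i <= NF; i++) if ($i == "resolve") found = 1 }
         END { exit !found }' "$1"
}

# Print one summary word for a resolv.conf ($1) / nsswitch.conf ($2) pair.
lookup_path() {
    if uses_stub_listener "$1" || uses_nss_resolve "$2"; then
        echo "via-systemd-resolved"
    else
        echo "not-via-systemd-resolved"
    fi
}

# Report for the live system, using the usual default paths (assumed).
report() {
    echo "lookups:      $(lookup_path /etc/resolv.conf /etc/nsswitch.conf)"
    if command -v systemctl >/dev/null 2>&1; then
        echo "unit enabled: $(systemctl is-enabled systemd-resolved 2>/dev/null || true)"
        echo "unit active:  $(systemctl is-active systemd-resolved 2>/dev/null || true)"
        echo "systemd:      $(systemctl --version 2>/dev/null | head -n 1)"
    fi
}

report
```

Compare the reported systemd package version against your distribution's advisory for CVE-2017-9445 to confirm the fix is installed.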
anikin

Joined: 10 May 2012
Posts: 963

Posted: Thu 29 Jun 2017, 15:08

More details here:

CVE-2017-9445
https://security-tracker.debian.org/tracker/CVE-2017-9445

Ubuntu Security Notice USN-3341-1
https://www.ubuntu.com/usn/usn-3341-1
anikin

Joined: 10 May 2012
Posts: 963

Posted: Fri 30 Jun 2017, 05:56

I quickly ran through the comments section of the OP article
http://www.theregister.co.uk/2017/06/29/systemd_pwned_by_dns_query
They are not extremely thoughtful, but this one caught my attention. It explains why systemd-resolved was introduced in the first place:
Quote:
John Sanders

I use systemd on all the servers I manage, out of choice. I refuse to set up non-systemd server-setups any more, it is just so vastly more pleasant to work with than the alternatives.

So, for me personally, when systemd came along, it solved all the problems I ever had with system initialization. What most systemd critics consider "bloat", I consider necessary complexity to solve a complex problem generically. You can say what you want about Poettering, but he actually realized what the problems with system initialization were and provided a working solution. I could go on for hours, but this should be a good summary.

A lot of the pushback against systemd - merited or not - is because a lot of people in charge of little parts of the bazaar have seen their pet projects cast aside by the major distros and taken over by the systemd devs. In a world where street cred is a big force in motivating people to contribute to open source being maintainer of 'x' where 'x' is part of each and every linux distro out there and then to see 'x' taken over by systemd in a fairly rough manner without any kind of co-operation between the old maintainers and the new kids on the block there are bound to be a lot of ruffled feathers. But that's not technology, that's just ego.

I find amusing that no one here is asking why systemd-resolved was introduced, or what problem was it intended to solve, read this post: https://lists.ubuntu.com/archives/ubuntu-devel/2016-May/039350.html
saintless


Joined: 11 Jun 2011
Posts: 3882
Location: Bulgaria

Posted: Fri 30 Jun 2017, 11:53

anikin wrote:
I quickly ran through the comments section of the OP article
http://www.theregister.co.uk/2017/06/29/systemd_pwned_by_dns_query
They are not extremely thoughtful, but this one caught my attention.

If we want to be fair this guy seems very positive about systemd. Very positive or very negative words about something always make me suspicious. And he isn't always so polite:
https://forums.theregister.co.uk/post/reply/3189561?
Quote:
John Sanders
.....
I'm sick of the systemd crap people post online, out of 1000's of posts I have seen maybe 1 or 2 issues that were genuine issues with systemd, the rest was people who do not know/are not familiar with systemd and just complain when they do not know what to do when their sysv hacks don't work on systemd.

For all the hacks out there who hate systemd, create a unit, and run your fucking script from there:

/etc/systemd/system/lowgpu.service

.....

I agree with the answer below.
https://forums.theregister.co.uk/forum/1/2017/05/26/devuan_1_0_long_term_support_released/#c_3189112

Quote:
HieronymusBloggs
Quote:
"I'm sick of the systemd crap people post online, out of 1000's of posts I have seen maybe 1 or 2 issues that were genuine issues with systemd"


Presumably those "1000's" of posts were somewhere else on the internet. Most of the posts about systemd problems on this forum have been from experienced people who certainly don't need to be given a "dummy's guide" to how to write a unit file. It's Friday. Calm down and have a beer.

I have nothing against systemd but I think it wasn't ready and it is still not ready to be the default init. Unfortunately the linux world suffers the most from this systemd separation at the moment and there are no winners.

Toni

_________________
Farewell, Nooby, you will be missed...
anikin

Joined: 10 May 2012
Posts: 963

Posted: Fri 30 Jun 2017, 13:16

Toni, mon ami,

Are we on the same wavelength? Did you understand my post? It was about one and only one subject: ... why systemd-resolved was introduced in the first place
Quote:
...I find amusing that no one here is asking why systemd-resolved was introduced, or what problem was it intended to solve, read this post: https://lists.ubuntu.com/archives/ubuntu-devel/2016-May/039350.html
systemd-resolved seems to be the root cause of the vulnerability. Can we stay on topic and avoid all the empty talk about how you and I personally feel about systemd?
saintless


Joined: 11 Jun 2011
Posts: 3882
Location: Bulgaria

Posted: Fri 30 Jun 2017, 13:43

anikin wrote:
systemd-resolved seems to be the root cause of the vulnerability. Can we stay on topic and avoid all the empty talk about how you and I personally feel about systemd?

Sure Anikin, but my post is on-topic.
systemd-resolved is just the next proof to my previous post end lines. Not ready yet for default init.

Toni

_________________
Farewell, Nooby, you will be missed...
anikin

Joined: 10 May 2012
Posts: 963

Posted: Sat 01 Jul 2017, 14:26
Subject description: Ubuntu 17.04 systemd-resolved DNS lookups randomly fail
 

Some useful info here:
https://superuser.com/questions/1153203/ubuntu-17-04-systemd-resolved-dns-lookups-randomly-fail