Brad Spengler, the developer behind the Grsecurity project, has published an exploit for a vulnerability in the Tun interface in Linux kernel 2.6.30 and 2.6.18, used in Red Hat Enterprise Linux 5 (RHEL5), which can be exploited by attackers to obtain root privileges. Of particular interest is the fact that the exploit is even able to circumvent security extensions such as SELinux.

When a vulnerability researcher discloses a flaw in a widely-used operating system or application, some IT professionals question the motive. Such has been the case with a Linux Kernel flaw that was disclosed last week.

By now, most readers will be familiar with the local kernel exploit recently posted by Brad Spengler. This vulnerability, which affects the 2.6.30 kernel (and a test version of the RHEL5 "2.6.18" kernel), is interesting in a number of ways. This article will look in detail at how the exploit works and the surprising chain of failures which made it possible.

Mozilla has released Firefox 3.5.1 to fix the recently reported security vulnerability in the Just-in-Time (JIT) JavaScript compiler, an exploit for the Windows version of which is already doing the rounds. Attackers can exploit the vulnerability to inject and execute code on vulnerable systems.

Microsoft released a security advisory to acknowledge a flaw that affects every release of the Windows NT kernel, from Windows NT 3.1 up to and including Windows 7.

There’s a lot of discussion today about a 0day Local Linux Root exploit. http://isc.sans.org/diary.html?storyid=6820 For readers who aren’t security-savvy, that means that a user logged into a Linux system, with shell access, can bypass system security mechanisms and elevate his access to be equivalent to the system administrator (or ‘root’ user).

Wietse Venema created the open source Postfix mail system in 1997 and still maintains most the system himself. Venema talks to us about the unique structure of Postfix that gives it a leg up on security, “open” vs. “closed” code and thoughts for an advanced Scan project.

The FreeBSD developers have released new updates to their operating system to close three vulnerabilities. Users with restricted privileges can reportedly exploit all three holes to elevate their privileges. One of the vulnerabilities is caused by a design flaw recently also discovered and fixed in the kernel. It allows programming flaws to cause a NULL pointer dereference.

The current version of OpenOffice reportedly contains a security flaw that allows attackers to inject code into a system. The problem apparently only affects the 64-bit version of the office suite.