Vulneratbility - Slackware can be compromised - all versions affected
by crts from LinuxQuestions.org on (#5HAC5)
A few weeks ago I found ways to infiltrate/compromise a Slackware system. I was not actively looking for weaknesses but stumbled upon it, by chance. I know you are all eagerly awaiting 15 to release but this issue should be addressed ASAP.
I am not going to disclose any details, yet, in order to minimize chances of exploitation of the vulnerability. I am, however, willing to work with anyone closely involved in the development of Slackware (except AlienBob) and provide instructions on how to confirm the vulnerability.
I am also willing to cooperate with any maintainer of a derivative of Slackware and check if those systems are affected, too.
I have patches ready for Slackware 14.2. With minor adjustments they should also work for other versions.
I am not going to disclose any details, yet, in order to minimize chances of exploitation of the vulnerability. I am, however, willing to work with anyone closely involved in the development of Slackware (except AlienBob) and provide instructions on how to confirm the vulnerability.
I am also willing to cooperate with any maintainer of a derivative of Slackware and check if those systems are affected, too.
I have patches ready for Slackware 14.2. With minor adjustments they should also work for other versions.