Unix Tip: VULNERABILITIES IN UNIX

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

UNIX GURU UNIVERSE
UNIX HOT TIP

Unix Tip 3513 - September 21, 2012

http://www.ugu.com/sui/ugu/show?tip.today

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


VULNERABILITIES IN UNIX


Information provided by the Sans Institute:
<A HREF="http://www.sans.org">http://www.sans.org</A>


The ten most commonly exploited UNIX vulnerabilities?

Poor system administration practices

Reusable/poor passwords

Flawed SUID programs (e.g., rdist, binmail)

HTTP servers and CGI application vulnerabilities

Default "+" entries in the /etc/hosts.equiv file

NFS/NIS vulverabilities sendmail program bugs

Buffer overruns (e.g., gets(), syslog())

SUID shell scripts



--------------------------------------------------------------------------
To Subscribe: http://www.ugu.com/sui/ugu/show?tip.subscribe
To Unsubscribe: http://www.ugu.com/sui/ugu/show?tip.unsubscribe
To Submit A Tip: http://www.ugu.com/sui/ugu/show?tip.today

==========================================================================
DISCLAIMER: All UNIX HOT TIPS ARE OWNED BY THE UNIX GURU UNIVERSE AND ARE
NOT TO BE SOLD, PRINTED OR USED WITHOUT THE WRITTEN CONSENT OF THE UNIX
GURU UNIVERSE. ALL TIPS ARE "USE AT YOUR OWN RISK". UGU ADVISES THAT
ALL TIPS BE TESTED IN A NON-PRODUCTION DEVELOPMENT ENVIRONMENT FIRST.

Unix Guru Universe - www.ugu.com - tips@ugu.com - Copyright 1994-2001
==========================================================================