Language Selection

English French German Italian Portuguese Spanish

ASUS Eee PC rooted out of the box

Filed under
Security

We recently acquired an ASUS Eee PC (if you want to know more about it, a lot of reviews are available on internet). The first thing we did when we put our hands at the ASUS Eee PC was to test its security. The ASUS Eee PC comes with a customized version of Xandros operating system installed, and some other bundled software like Mozilla Firefox, Pidgin, Skype and OpenOffice.org.

Analysing the running processes of the ASUS Eee PC, the first thing that caught our attention was the running smbd process (the sshd daemon was started by us, and is not enabled by default).

Retrieving the the smbd version, we discovered that it runs a vulnerable version of Samba (Samba lsa_io_trans_names Heap Overflow), which exploit we published earlier last year.

Full Story




Same with other O/Ses

Most O/Ses come with already-known issues. This includes Vista, of course. Leopard too.

These researchers use the 'Eee hype' to draw more attention here. Linux flaws are interesting for the same reason that "man bites dog" is more interesting than "dog bites man".

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Red Hat Rolls Out Version 4.1 of KVM Platform

Red Hat has just launched Red Hat Virtualization 4.1. The company says that this product is "the latest release of the company's Kernel-based Virtual Machine (KVM)-powered enterprise virtualization platform." The goal, the company says is to provide "an open source infrastructure and centralized management solution for virtualized servers and workstations." Red Hat describes some of the platform's upgrades: Read more

GNOME To Do 3.24 release, and it’s shining

GNOME To Do is a personal task manager for GNOME. It uses GNOME technologies and integrates very well with the desktop. And now, it’s finally being released! The 3.24 version comes with a few nice features and, most importantly, whole load of bugfixes. Let’s get started! Read more

TrueOS STABLE Update: 4/24/17

After testing the UNSTABLE push over the weekend, the devs are happy to release a new STABLE update and installation files today! This update consists of two parts: installer changes for those who install TrueOS fresh, and general updates for systems with TrueOS already installed. Read more Also: TrueOS 20170424 Stable Update

How to track and secure open source in your enterprise

Recently, SAS issued a rather plaintive call for enterprises to limit the number of open source projects they use to a somewhat arbitrary percentage. That seems a rather obvious attempt to protest the rise of the open source R programming language for data science and analysis in a market where SAS has been dominant. But there is a good point hidden in the bluster: Using open source responsibly means knowing what you’re using so you can track and maintain it. Read more