Asus Eee PC Ships with Remotely Exploitable Flaw

By Ryan Naraine  |  Posted 2008-02-11 Print this article Print

Asus Eee PC ships with remotely exploitable vulnerability Out of the box, the highly touted Asus Eee PC ships with a known code-execution vulnerability that allows a hacker to remotely gain root over a network.

According to a warning from RISE Security, the Linux-powered machine uses an old--and vulnerable--version of the Samba daemon for Windows file and print sharing.

Using the Metasploit point-and-click attack tool, RISE Security was able to launch an exploit that took complete control of the Asus Eee PC.

Metasploit's HD Moore just about sums up my reaction to this news:

"Considering how much criticism other PC vendors have received for out-of-the-box security, its a wonder that a similar outcry has not been heard for Linux-based products."

It's important to note that the actual vulnerability has already been patched in Samba 2.0.24. |

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel