Asus Eee PC Ships with Remotely Exploitable Flaw

 
 
By Ryan Naraine  |  Posted 2008-02-11 Print this article Print
 
 
 
 
 
 
 

Asus Eee PC ships with remotely exploitable vulnerability Out of the box, the highly touted Asus Eee PC ships with a known code-execution vulnerability that allows a hacker to remotely gain root over a network.

According to a warning from RISE Security, the Linux-powered machine uses an old--and vulnerable--version of the Samba daemon for Windows file and print sharing.

Using the Metasploit point-and-click attack tool, RISE Security was able to launch an exploit that took complete control of the Asus Eee PC.

Metasploit's HD Moore just about sums up my reaction to this news:

"Considering how much criticism other PC vendors have received for out-of-the-box security, its a wonder that a similar outcry has not been heard for Linux-based products."

It's important to note that the actual vulnerability has already been patched in Samba 2.0.24.

 
 
 
 
del.icio.us | digg.com
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel