Linked by Thom Holwerda on Fri 6th Jan 2006 22:56 UTC
Open source experts have hit back at a study published by the United States Computer Emergency Readiness Team that said more vulnerabilities were found in Linux/Unix than in Windows in 2005, labelling the report misleading and confusing. The report has attracted criticism from the open source community. Linux vendor Red Hat said the vulnerabilities had been miscategorised, and so could not be used to compare the relative security of Windows and Linux/Unix platforms.
RE[4]: this is ridiculous
by ivans on Sat 7th Jan 2006 02:58 UTC in reply to "RE[3]: this is ridiculous"

That's where you are wrong. A bug in ServU is a ServU bug, not a win3k bug, so it won't show up in win3k vulnerabilities, while every single bug found in all ftp servers, databases, languages (java, php, etc.) supported by RH will show up.

Welcome to the open-source model of services.

Microsoft doesn't support 3rd party ServU, whereas RH does support its RPMs; that's the crucial difference.

Regardless, I think these pictures sum up rather well why win3k is less secure than RHEL:

Most unpatched secunia "flaws" on WS2K3 are just vapour. These are not real flaws, but the product of someone's imagination and unspecified sources, and they have no real-life damage potential.

Unspecified vulnerability, advisory published as an "eweek article" based on rumors from an unsigned security researcher? Where is the flaw, what instruction, where is the PoC code? Nowhere, because this is a vapour bug.

So, if a trusted user is logged in on a TS server and opens several hundred thousand handles on a specified key, you could prevent other users from logging in. Despite the fact that it would consume a large amount of resources, immediately noticed by the admin or killed by quota, and despite the fact that there are dozens of other ways of raping system resources..

It says it is "partially fixed", although MS issued all the patches necessary, and secunia doesn't specify which parts were left unpatched. In fact, the original bug test page on my fully patched XP SP2 produces exactly ZERO positive tests. Vapour.

This is my favorite. A 2-year-old "flaw" in a proactive buffer-overflow prevention mechanism that could be bypassed with "specially crafted shellcode". Geez, I thought that EVERY buffer/heap/integer.. overflow prevention mechanism leaves a small attack window, even PaX with ASLR!

Actually this /GS compiler flag "bug" has been fixed with the /SAFESEH switch; XP SP2 and WS2K3 SP1 were compiled with both switches "on", and they are enabled by default in Visual Studio 2005.

So this is black on white proof that some of secunia "bugs" are pure vapour.

Actually the recommended way for software running with higher privileges on a LUA desktop is to run inside a JOB with the JOB_OBJECT_UILIMIT_HANDLE flag set "on", which will disable any kind of WM_* messages sent from processes outside the job, including the LUA-created ones. This is no Windows bug; it's a potential bug for badly written 3rd party software.

So most of this secunia stuff is pure BS, I guess they put it there so that linux cowboys can have mental orgasms quoting "xy unpatched window flaws".

Oh well, have fun, I go to sleep now ;)

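The Job-object restriction the comment above refers to, as an added example that is not part of this thread or of any Microsoft sample: a PowerShell launcher that creates a job, applies JOB_OBJECT_UILIMIT_HANDLE, and assigns a freshly started privileged tool to it. The P/Invoke declarations and constants follow the Win32 SDK for kernel32; the tool path is a placeholder.

```powershell
# Added example, not from the OSNews thread. Launches a program inside a Job object whose
# UI restriction (JOB_OBJECT_UILIMIT_HANDLE) stops USER-handle access between the job's
# processes and processes outside it, which is the shatter-attack mitigation the comment names.
Add-Type -Namespace Win32 -Name JobApi -MemberDefinition @'
[StructLayout(LayoutKind.Sequential)]
public struct JOBOBJECT_BASIC_UI_RESTRICTIONS { public uint UIRestrictionsClass; }

[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern IntPtr CreateJobObject(IntPtr lpJobAttributes, string lpName);

[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool SetInformationJobObject(IntPtr hJob, int infoClass,
    ref JOBOBJECT_BASIC_UI_RESTRICTIONS info, int cbInfo);

[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool AssignProcessToJobObject(IntPtr hJob, IntPtr hProcess);
'@

$JobObjectBasicUIRestrictions = 4    # JOBOBJECTINFOCLASS value from winnt.h
$JOB_OBJECT_UILIMIT_HANDLE    = 0x1  # UIRestrictionsClass bit from winnt.h

# 1. Create an anonymous job object.
$job = [Win32.JobApi]::CreateJobObject([IntPtr]::Zero, $null)
if ($job -eq [IntPtr]::Zero) {
    throw "CreateJobObject failed: $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
}

# 2. Set the UI restriction on the job before any process joins it.
$limits = New-Object -TypeName 'Win32.JobApi+JOBOBJECT_BASIC_UI_RESTRICTIONS'
$limits.UIRestrictionsClass = $JOB_OBJECT_UILIMIT_HANDLE
$size = [Runtime.InteropServices.Marshal]::SizeOf($limits)
if (-not [Win32.JobApi]::SetInformationJobObject($job, $JobObjectBasicUIRestrictions, [ref]$limits, $size)) {
    throw "SetInformationJobObject failed: $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
}

# 3. Start the privileged tool (placeholder path) and place it in the job.
#    Start-Process cannot create the process suspended, so there is a short window before the
#    limit applies; a native launcher would use CREATE_SUSPENDED and resume after assignment.
$proc = Start-Process -FilePath 'C:\PLACEHOLDER\PrivilegedTool.exe' -PassThru
if (-not [Win32.JobApi]::AssignProcessToJobObject($job, $proc.Handle)) {
    throw "AssignProcessToJobObject failed: $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
}
"Process $($proc.Id) is now running under JOB_OBJECT_UILIMIT_HANDLE"
```

Run it from an elevated PowerShell on Windows 8 or later, where assigning a process that is already in another job (for example, the console's own job) succeeds because jobs can nest.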