Linux vulnerability lets anyone log-in into comp by tapping backspace 28 times
Linux has serious vulnerability in its GRUB bootloader which could allow hackers to access a locked computer by just typing the backspace key 28 times.Linux has a serious vulnerability in its GRUB bootloader which could allow hackers to access a locked computer by just typing the backspace key 28 times.
The issue was first reported by two researchers Hector Marco and Ismael Ripoll from the Cybersecurity Group at the Universitat Politècnica de València, according to a report on PCWorld. The researchers have put up the full details of the potential flaw in the Linux systemhere.
According to the PCWorld report, GRUB (Grand Unified Bootloader) is used by most Linux distributions, has a password feature that can restrict boot entries. The protection is important especially in organisations that are using Linux.
Dell admits security issues in its laptops makes them vulnerable to hackersThe researchers showed that by pressing the backspace key 28 times, hackers can bypass the need to put in a password or username and gain access.
According to the researchers, the bug is in the code of Grub since version 1.98 (December, 2009) affecting loader versions till December 2015.
Hackers who successfully exploit this can get access to a Grub rescue shell, a very powerful shell which can give them “full access to the grub’s console.”
Researchers also says hackers can load malware from a USB, copy the full disk or even launch a denial of service attack by destroying any data, including the grub. Attackers can overwrite the disk, causing denial of service.
No comments:
Post a Comment