Mailinglist Archive: opensuse-security (11 mails)

< Previous Next >
[opensuse-security] Potential Nautilus issue ..
All,

On shmoocon ( http://www.shmoocon.org/schedule ) they showed a POC of an
USB exploit on Ubuntu Linux.

Information:
http://www.shmoocon.org/speakers#usbautorun
Video:
http://www.shmoocon.org/2011/videos/Larimer-USB_AutoRun.m4v

This is caused by a exploit in via the dvi format (probably this one:
http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2
) and the automount option of Nautilus. I see that Nautilus in openSuSE
(11.3) is standard configured to automount.

I don't know if this considered an issue.

Regards,

Joop.

--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups