RISE Security, a Brazilian network security firm, has discovered that the popular Eee PC from Asus is vulnerable to remote exploitation out of the box.
The tiny UMPC-styled notebook runs a customised version of Xandros Linux by default, with a friendly interface slapped on top to simplify things for those not up to speed with desktop Linux. Like any other Linux install, Xandros comes with a metric tonne of extras so that it can do various things. One of these extras is the Samba package, which provides both the client side that lets the Eee PC connect to SMB/CIFS network shares (the kind used by Windows-based computers) and the server side, smbd, which listens on the network for other machines to connect to it.
It's this package that is causing problems, according to RISE. The default version installed on the Eee is 3.0.24, which is affected by a heap overflow first discovered in April last year. By exploiting the flaw in the outdated Samba, an attacker on the same network can compromise the system and gain root privileges, the Linux equivalent of the SYSTEM account in Windows. The bug is in the server side, so the machine is exposed whenever smbd is running and reachable, for instance on a shared wireless network, not only when the user actually browses a Windows share.
The update mechanism offered via the Easy Interface is currently only offering BIOS updates plus a fix for the Voice Commander software, with no system package updates. Users who have unlocked the Advanced (aka Desktop) Interface are advised to update Samba manually to 3.0.28 or later. If you're not comfortable manually updating the software installed on the Eee, I'd recommend steering clear of untrusted networks and disabling the wireless card whenever you're not using it; stopping the Samba server if you never share files from the Eee closes the hole just as well, since the flaw can only be reached while smbd is up and accepting connections.
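As an added example (not from the original post, and not Asus or Xandros tooling), here is a small POSIX shell script that answers the two questions above for a Debian-style system such as the Eee's Xandros: is the installed Samba older than the 3.0.28 the post recommends, and is smbd actually reachable from the network? The version threshold comes from the post; the package name `samba`, the use of `dpkg -s` and `netstat -lnt`, and the sample outputs embedded below are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example, not part of the original post and not Asus/Xandros tooling:
# check whether a Debian-style system such as the Eee PC's Xandros still has a
# Samba older than the 3.0.28 release the post recommends, and whether smbd is
# reachable on the network at all. The fixed version comes from the post; the
# package name "samba" and the use of dpkg -s / netstat -lnt are assumptions.

FIXED_VERSION=3.0.28

# version_lt A B: return 0 (true) if dotted version A sorts before B.
# Debian epochs ("2:") and revisions ("-6xandros7") are stripped, and a
# trailing letter such as 3.0.25a is ignored, so the comparison is on the
# upstream numeric components only.
version_lt() {
    a=${1#*:}; a=${a%%-*}
    b=${2#*:}; b=${b%%-*}
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "$x" = "$a" ]; then a=; else a=${a#*.}; fi
        if [ "$y" = "$b" ]; then b=; else b=${b#*.}; fi
        x=${x%%[!0-9]*}; y=${y%%[!0-9]*}
        x=${x:-0};       y=${y:-0}
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1
}

# samba_version_from_dpkg: print the Version: field of `dpkg -s samba`
# output read from stdin (prints nothing if the package is not installed).
samba_version_from_dpkg() {
    sed -n 's/^Version: //p' | head -n 1
}

# smb_exposed: return 0 if `netstat -lnt` output on stdin shows a TCP
# listener on 139 or 445 that is bound to something other than loopback.
smb_exposed() {
    grep -E '^tcp.*:(139|445) +.*LISTEN' | grep -Evq '(127\.0\.0\.1|::1):(139|445) '
}

# samba_verdict VERSION LISTENERS: one-line summary whose first word is the status.
samba_verdict() {
    ver=$1; listeners=$2
    if [ -z "$ver" ]; then
        echo "NOT_INSTALLED no samba package found"
    elif ! version_lt "$ver" "$FIXED_VERSION"; then
        echo "OK samba $ver is at least $FIXED_VERSION"
    elif printf '%s\n' "$listeners" | smb_exposed; then
        echo "VULNERABLE samba $ver is older than $FIXED_VERSION and smbd is reachable from the network"
    else
        echo "OUTDATED samba $ver is older than $FIXED_VERSION but nothing listens on 139/445 for remote hosts"
    fi
}

# Constructed sample outputs standing in for a stock Eee PC; the Xandros
# package revision string and the socket table are made up for this example.
SAMPLE_DPKG='Package: samba
Status: install ok installed
Version: 3.0.24-6xandros7
Depends: samba-common'

SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN'

# Dry run against the constructed sample, then against the live system if
# the assumed tools are present.
sample_ver=$(printf '%s\n' "$SAMPLE_DPKG" | samba_version_from_dpkg)
echo "sample: $(samba_verdict "$sample_ver" "$SAMPLE_NETSTAT")"

if command -v dpkg >/dev/null 2>&1; then
    live_ver=$(dpkg -s samba 2>/dev/null | samba_version_from_dpkg)
    live_listeners=$(netstat -lnt 2>/dev/null || true)
    echo "live:   $(samba_verdict "$live_ver" "$live_listeners")"
fi
```

The version comparison deliberately ignores the distribution revision, so a vendor backport that fixed the bug without bumping the upstream version would still be flagged; treat a VULNERABLE verdict as "go and check", not as proof. An OUTDATED verdict means the package should still be updated, but the hole is not reachable from the network right now.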
Anybody feeling uneasy about having outdated and vulnerable services running by default on their Eee, or is it a load of fuss over nothing? Share your thoughts over in the forums.