Adobe Warns of Security Flaw in Reader

Zonk posted more than 9 years ago | from the quick-fix dept.

Security 20

isusmiley writes "Adobe Systems Inc. issued a warning on its Web site Tuesday saying that the flaw affects only the Adobe Reader versions 5.0.9 and 5.0.10, which were written for the Unix computer operating system. Adobe has since posted a fix for the vulnerability on its site, and a spokesman said Wednesday he was unaware of any security breaches resulting from the software flaw, which was discovered by the security defense firm IDefense, headquartered in Reston, Va."

Note (2, Funny)

Otter (3800) | more than 9 years ago | (#13007168)

Current versions for Linux and Solaris seem to be OK, anyway. It's the current AIX and HP-UX versions that are bad.

So much for 2005 being The Year Of AIX On The Desktop!

UNIX Acrobat Reader flaw? (-1, Troll)

Anonymous Coward | more than 9 years ago | (#13007178)

OMG LOLLERZ I USE XP

How can this happen? UNIX is safe from attacks I thought?

Oh good (2, Interesting)

Dammital (220641) | more than 9 years ago | (#13007299)

Adobe's recommendation is to replace their vulnerable version 5 reader with the spyware version [lwn.net] 7.

That's progress. Of a sort.

Re:Oh good (2, Interesting)

MoonFog (586818) | more than 9 years ago | (#13007425)

And even with the spyware, the Linux version is still incapable of opening DRM'ed ebooks, seeing how it appears to be locked in with MS passport.

Just remember... (3, Informative)

jd (1658) | more than 9 years ago | (#13007548)

There is a Layer 7 patch for Linux that will allow you to filter network traffic by application type. You should be able to use an unpatched IPTables to filter anything outbound from acroread anyway, but I'm not sure if this would catch everything that can include Acrobat internally. Either way, you can make it very very hard for Acrobat-based spyware.


I would also suggest lobbying the UN to have Javascript declared a crime against humanity, but that might take longer to be effective.

Re:Just remember... (1)

vigilology (664683) | more than 9 years ago | (#13017895)

Could you tell us what patch this is, please?

Re:Just remember... (1)

jd (1658) | more than 9 years ago | (#13022611)

Layer 7 patches [freshmeat.net]

Re:Just remember... (1)

vigilology (664683) | more than 9 years ago | (#13022871)

Thank you.

Re:Just remember... (1)

jd (1658) | more than 9 years ago | (#13024444)

Hey, no problem! :) Sorry I didn't have the link in the original post, I'm usually better on doing that.

I didn't know anyone (1)

VolciMaster (821873) | more than 9 years ago | (#13007866)

was still using versions that old. I've been on 6 and/or 7 (depending on work/home) since they came out and haven't seen the problems mentioned.

I'll see your flaw, and raise you DRM (4, Interesting)

hacker (14635) | more than 9 years ago | (#13008021)

"Adobe has since posted a fix for the vulnerability on its site, and a spokesman said Wednesday he was unaware of any security breaches resulting from the software flaw..."

Two words: Show me.

Prove that the "flaw" exists. Just saying "Clicking on the whatchamacallit causes bad things to happen, please upgrade." isn't enough.

Show me that this isn't some FUD to force users to upgrade to a version that isn't riddled with the latest DRM that they "forgot" to put into those versions?

Show me that this version doesn't fix a vulnerability that exposes passwords in PDFs read with it.

Show me that this isn't more ass-covering by Adobe, again.

Until then, xpdf, gpdf and other non-Adobe variants are all working fine. Nothing to see here, move along.

A real flaw (1)

SkiifGeek (702936) | more than 9 years ago | (#13010881)

I don't know whether you read the actual details of the flaw, or not. From your response, I doubt that you did.

Essentially, whenever Reader 5.0.9 or 5.0.10 opens a PDF file, it creates a randomly named duplicate in /tmp which can then be read by other users with the appropriate permissions, which makes it a local file disclosure vulnerability. When the file is closed in Reader, the duplicate created is then destroyed.

In addition to the recommended upgrade to version 7, there is a version 5.0.11 which addresses this issue, otherwise, nice troll.
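Added example, not part of the thread and not Adobe's code: the temp-copy exposure described in the comment above, shown next to a hardened form. The file names, the 0644 mode of the weak variant and all function names are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if group or other can read the open file, 0 if owner-only, -1 on error. */
static int readable_by_others(int fd) {
    struct stat st;
    if (fstat(fd, &st) != 0) return -1;
    return (st.st_mode & (S_IRGRP | S_IROTH)) ? 1 : 0;
}

/* Weak pattern (assumed for illustration): random-looking name, but the
 * copy is created 0644, so any local user who finds it can read it. */
static int weak_temp_copy(char *path, size_t len) {
    snprintf(path, len, "/tmp/doc_copy_%ld_%d", (long)getpid(), rand());
    mode_t old = umask(022);                  /* common default umask */
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0644);
    umask(old);
    return fd;
}

/* Hardened pattern: mkstemp() creates the file atomically with owner-only
 * permissions; unlinking at once leaves no name in /tmp to open. */
static int safe_temp_copy(void) {
    char path[] = "/tmp/doc_copy_XXXXXX";
    int fd = mkstemp(path);
    if (fd >= 0) unlink(path);
    return fd;
}

/* Create a copy with the chosen pattern and report whether it is exposed. */
static int demo(int hardened) {
    char path[64] = "";
    int fd = hardened ? safe_temp_copy() : weak_temp_copy(path, sizeof path);
    if (fd < 0) return -1;
    int exposed = readable_by_others(fd);
    close(fd);
    if (!hardened) unlink(path);
    return exposed;
}

int main(void) {
    printf("weak exposed: %d, hardened exposed: %d\n", demo(0), demo(1));
    return 0;
}
```

The same `fstat()` mode check can be pointed at any descriptor an application holds on a scratch file to confirm that only the owner can read it.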

Re:A real flaw (1)

hacker (14635) | more than 9 years ago | (#13012506)

Essentially, whenever Reader 5.0.9 or 5.0.10 opens a PDF file, it creates a randomly named duplicate in /tmp which can then be read by other users with the appropriate permissions, which makes it a local file disclosure vulnerability.

So in version 7, I see that it creates the temp copy in RAM (mkstmp()), but now it's vulnerable to be read in a much different way. On Hyperthreaded processors (i.e. multicore from Intel), since the processor itself has a shared cache, both cores need to be able to read from it. If one core opens the pdf, any process running on the other core can read the contents as they pass across the cache. Oops!

In addition to the recommended upgrade to version 7, there is a version 5.0.11 which addresses this issue, otherwise, nice troll.

As others have mentioned [lwn.net], the recommended upgrade also adds some defaults to a new feature that allows the pdf to "phone home" when opened. Sure, 5.0.11 fixes the flaw, but 99% of the users who are asked to upgrade will try to find the latest version they can, and upgrade to that. In this case, that means the "phone home" version.

Re:A real flaw (1)

Magic5Ball (188725) | more than 9 years ago | (#13012975)

If one core opens the pdf, any process running on the other core can read the contents as they pass across the cache. Oops!

Not a problem specific to Adobe...

I wish more OS's would do what Apple did (1)

white1827 (848173) | more than 9 years ago | (#13008798)

Adobe's reader has turned into this huge bloated mess. The more complicated you make the software, the easier it is to have security holes slip by.
Apple has great PDF reading and generation that comes free with OSX so you don't have to use the Adobe Reader. It's so nice to have a simple fast loading pdf solution.

Adobe flaw (1)

AdminPrep.com (898146) | more than 9 years ago | (#13008982)

hacker (14635), while I see your point that this could be a great way to have users upgrade to the new version, I also see the point of not showing how to exploit the flaw as well. If it is indeed a flaw then I'm sure the flaw has been exposed on the Internet or irc channels.

AdminPrep.com

Acrobat alternative (1)

ditto999999999999999 (546129) | more than 9 years ago | (#13009922)

I use Foxit Read (http://www.foxitsoftware.com/pdf/rd_intro.php [foxitsoftware.com] ) as a replacement for Acrobat Reader. It seems to be faster, and that makes me happy.

Andy

Re:Acrobat alternative (1)

ditto999999999999999 (546129) | more than 9 years ago | (#13009936)

Damnit... there goes my real first name.

Brevity is... (1)

b00m3rang (682108) | more than 9 years ago | (#13010966)

Considering the forum, I'm pretty sure the submitter could have said "UNIX" instead of "the Unix computer operating system".

Most of us would have figured that one out.

37MB+ just to open PDFs (1)

anim8 (109631) | more than 9 years ago | (#13011769)

I couldn't believe my eyes when I saw it. I suppose I'll go back to using KPDF or KGhostview.

It's too bad what has become of Adobe. Bloatware + Spyware. It used to be a cool company.
