Announcement

Collapse
No announcement yet.

Apache OpenOffice Vulnerable To One-Click Code Execution

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Apache OpenOffice Vulnerable To One-Click Code Execution

    Phoronix: Apache OpenOffice Vulnerable To One-Click Code Execution

    If you are still relying on Apache OpenOffice in 2021 you might want to really make it a goal this year to transition to the much more featureful LibreOffice, but in any case you'll want to move at least to OpenOffice 4.1.10...

    https://www.phoronix.com/scan.php?pa...-Vulnerability

  • #2
    Uninstall that trash and install LibreOffice.

    Comment


    • #3
      Who still runs OpenOffice seemingly deserves that.

      Comment


      • #4
        I wonder who these 2.4 Million people (bots?) are that download AOO. AOO is quite dead. For a long time. They should really transfer naming rights to the TDF/LibO. And redirect to the website. There's no use in wasting engineering power and people still downloading an inferior product that is not really actively developed.
        Sometimes multiple solutions are good to have an alternative, but those come from the same origin. Just one branch is totally withered now.
        Stop TCPA, stupid software patents and corrupt politicians!

        Comment


        • #5
          Wait, the so-called "vulnerability" was that no warning dialog is displayed when clicking a link?
          I hope there is more to this than what this article and the blog post state.

          Comment


          • #6
            Interesting that Phoronix will report on the OOo one-click exploit, but won't say a thing about the fact that researchers have found examples of systemd-daemon containing RotaJakiro backdoor malware over a period of several years.

            One is a piece of software that almost no one has used in the past decade, the other is ubiquitous.

            Comment


            • #7
              Originally posted by andyprough View Post
              Interesting that Phoronix will report on the OOo one-click exploit, but won't say a thing about the fact that researchers have found examples of systemd-daemon containing RotaJakiro backdoor malware over a period of several years.

              One is a piece of software that almost no one has used in the past decade, the other is ubiquitous.
              lol you mean someone made a malware and called it systemd-something, therefore it's a problem with systemd?

              I'm going to create a profile called andyprough-factual, and spread (more) conspiracies in your name, it will be your fault, right?

              Comment


              • #8
                Originally posted by andyprough View Post
                Interesting that Phoronix will report on the OOo one-click exploit, but won't say a thing about the fact that researchers have found examples of systemd-daemon containing RotaJakiro backdoor malware over a period of several years.

                One is a piece of software that almost no one has used in the past decade, the other is ubiquitous.
                Not even is a systemd deamon, the binary was just named "systemd-deamon" to be less likely to be detected by layer 8 error containing system admins. Non of that code was ever in systemd, so no, your malware with the funny name is not part of this ubiquitous software.

                "The association with systemd, a widely used system and session manager for Linux, may have been chosen by the malware authors to make the malicious code less likely to be noticed by administrators reviewing logs and process lists.""

                Edit: it seems the anti-systemd movement as a whole drifts down into conspiracy land. I just yesterday learned that there are people who claim journald's binary log format is malware and that there is a NTP server included in the default setup is "calling home". Its not even funny anymore, its just sad.
                Alexmitter
                Senior Member
                Last edited by Alexmitter; 04 May 2021, 10:44 AM.

                Comment


                • #9
                  2.4 million downloads
                  it must be our priority to educate all persons

                  Comment


                  • #10
                    Originally posted by Alexmitter View Post
                    Not even is a systemd deamon, the binary was just named "systemd-deamon" to be less likely to be detected by layer 8 error containing system admins. Non of that code was ever in systemd, so no, your malware with the funny name is not part of this ubiquitous software.
                    Here are the known nasty md5's:
                    systemd-daemon 1d45cd2c1283f927940c099b8fab593b 0/61 2018-05-16 04:22:59
                    systemd-daemon 11ad1e9b74b144d564825d65d7fb37d6 0/58 2018-12-25 08:02:05
                    systemd-daemon 5c0f375e92f551e8f2321b141c15c48f 0/56 2020-05-08 05:50:06
                    gvfsd-helper 64f6cfe44ba08b0babdd3904233c4857 0/61 2021-01-18 13:13:19
                    https://blog.netlab.360.com/stealth_...o_backdoor_en/

                    Here's a command to check for them:
                    sudo find / \( -name "gvfsd-helper" -o -name "systemd-daemon" \) -exec md5sum {} \;
                    https://hackaday.com/2021/04/30/this...pv4-addresses/

                    Time to get to checking, systemd fanboys. Some sysadmins are going to get paid overtime this week...

                    Comment

                    Working...
                    X