This Shmoocon presentation by Jon Larimer from IBM X-Force starts off with a definition of autorun vulnerabilities and some examples from Windows, then jumps straight into the Linux side of things. Larimer explains how attackers can abuse these features to gain access to a live system by using a USB flash drive. He also shows how USB as an exploitation platform can allow for easy bypass of protection mechanisms like ASLR and how these attacks can provide a level of access that other physical attack methods do not.
USB autorun attack hits Linux
Posted on Tuesday, February 08 2011 @ 2:26 CET by Thomas De Maesschalck
Slashdot reports hackers have crafted a USB autorun attack that attacks Linux: