ABRT raceabrt Privilege Escalation

This module attempts to gain root privileges on Linux systems with a vulnerable version of Automatic Bug Reporting Tool ABRT configured as the crash handler. A race condition allows local users to change ownership of arbitrary files CVE-2015-3315. This module uses a symlink attack on...

Excerpts from The Ransomware Economy: Projections

Carbon Black recently published an investigative report on the Dark Web marketplace for ransomware. This is the final excerpt from that report, which you can find here. For more information about the rise of ransomware, and what you can do about it, check out the Ransomware Epidemic: Stop Bad...

CVE-2017-5117

Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...

7 Predictions for Ransomware’s Evolution

During the past six months, the Carbon Black Threat Analysis Unit TAU analyzed more than 1,000 ransomware samples, categorizing them into 150 families, and found attackers are looking to make quick, easy money with unsophisticated malware, combined with sophisticated delivery methods. Our samplin...

Linux system pdf parsing library poppler has a heap overflow vulnerability

Poppler is used to generate a PDF of the C++ class library , from xpdf inheritance. poppler's FoFiType1C::convertToType0 function there is a heap overflow vulnerability , an attacker can exploit the vulnerability caused by the process crash...

UPDATE: Gloom-Framework v1.7.5

PenTestIT RSS Feed Update time guys! Please refer my initial blog post about this open source penetration testing framework for Kali Linux. I just saw that it has been updated and we now have Gloom-Framework v1.7.5 with new features and a lot of bug fixes. Actually, it was updated quiet a number ...

CVE-2017-7794

On Linux systems, if the content process is compromised, the sandbox broker will allow files to be truncated even though the sandbox explicitly only has read access to the local file system and no write permissions. Note: This attack only affects the Linux operating system. Other operating system...

Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems

Remember SambaCry? Two weeks ago we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software re-implementation of SMB networking protocol that allows a remote hacker to take full control of a vulnerable Linux and Unix machines. To know more about the...

Lynis 2.5.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

util-linux local denial of service vulnerability

util-linux is a set of software packages used in Linux systems and contains a variety of system administration tools, it provides tools to load, unload, format, partition and manage hard drives, open tty ports and get kernel messages. A local denial of service vulnerability exists in util-linux. ...

Linux Malware Detect: LMD

Linux Malware Detect LMD is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and...

Using the Nintendo's 6502 processor instruction for Desktop Linux systems to exploit-vulnerability warning-the black bar safety net

gstreamer 0.10. x player NSF format of the music file when a vulnerability exists and a separate logic errors. A combination of both, you can achieve the very stability of the exploit method, and can bypass the 64-bit ASLR, DEP and so on. The so-called stable because the music player available in...

Cryptsetup Vulnerability Grants Root Shell Access on Some Linux Systems

A vulnerability in cryptsetup, a utility used to set up encrypted filesystems on Linux distributions, could allow an attacker to retrieve a root rescue shell on some systems. From there, an attacker could have the ability to copy, modify, or destroy a hard disk, or use the network to exfiltrate...

GNU Bash Local Code Execution Vulnerability

GNU Bash is a shell command language interpreter written by American software developer Brian J. Fox for the GNU Project, which runs on Unix-like operating systems the default shell for Linux systems and is capable of reading from, and executing commands from, a standard input device or file, as...

Cairo rendering crash due to memory allocation issue with FFmpeg 0.10 — Mozilla

Security researcher Bert Massop reported a crash in the Cairo graphics layer on Linux systems using the LibAV library included in version 0.10 of the FFmpeg library. This was due to an error when allocating the LibAV header when decoding some videos...

CVE-2016-4217

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2016-4172,...

Idera Up.time Agent Information Disclosure Vulnerability

Idera Up.time Agent is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

[SECURITY] Fedora 21 Update: perl-IPTables-Parse-1.5-2.fc21

The IPTables::Parse package provides an interface to parse iptables rules on Linux systems through the direct execution of iptables commands, or from parsing a file that contains an iptables policy listing. You can get the current policy applied to a table/chain, look for a specific user-defined...

CVE-2000-0800

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges...

CVE-1999-0002

Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems...