27 matches found
Privilege escalation
A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated sudo permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions an...
CVE-2018-18556
A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated sudo permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions an...
CVE-2018-18555
A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to th...
CVE-2018-18555
CVE-2018-18555 affects VyOS 1.1.8, where the restricted management shell for operator users can be escaped by issuing shell special characters, allowing an authenticated operator to break out to the underlying Linux shell and execute arbitrary OS commands with the user’s privileges. Documents con...
CVE-2018-18556
CVE-2018-18556 affects VyOS 1.1.8. It is a privilege-escalation flaw where an operator user can run the pppd binary with elevated (sudo) permissions due to an insecure default configuration, combined with improper validation of certain input parameters. An attacker with operator privileges can le...
PT-2018-14514 · Vyos · Vyos
Name of the Vulnerable Software and Affected Versions: VyOS version 1.1.8 Description: A privilege escalation issue was found, allowing operator users to execute the pppd binary with elevated permissions due to the default configuration. The issue is exacerbated by improper validation of certain...
High Performance DoS Analyzer: FastNetMon
High Performance DoS Analyzer FastNetMon – A high performance DoS/DDoS load analyzer built on top of multiple packet capture engines NetFlow, IPFIX, sFLOW, SnabbSwitch, netmap, PFRING, PCAP. What can we do? We can detect hosts in our networks sending or receiving large volumes of...