6 matches found
EUVD-2020-24478
Malware in sbrugna...
Cisco IOS XE Software Command Injection (cisco-sa-ngwc-cmdinj-KEwWVWR)
According to its self-reported version, Cisco IOS XE Software is affected by a command injection vulnerability due to insufficient input validation of boot options. An authenticated, local attacker with root privileges can exploit this, by modifying device boot options, to execute arbitrary...
CVE-2020-3207
A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches could allow an authenticated, local attacker with root shell access to the underlying operating system (OS) to conduct a command injection attack during device boot. This vulnerability is due to insufficien...
FixMeStick PRO : Best remote malware remediation product
This week Corey and Marty over at FixMeStick shared the specs of their recently released FixMeStick PRO with me. This Pro is the best remote malware remediation product we've seen. It retails for $299.99 per year, or $209.99 for the first 50 'The Hacker News' readers use coupon code 'THNFIX' for...
Scientific Linux Security Update : xen on SL5.x i386/x86_64
CVE-2009-3525 Xen: PyGrub missing support for password configuration command. The pyGrub boot loader did not honor the 'password' option in the grub.conf file for para-virtualized guests. Users with access to a guest's console could use this flaw to bypass intended access restrictions and boot the...
RedHat Security Advisory RHSA-2009:1472
The remote host is missing updates announced in advisory RHSA-2009:1472. Xen is an open source virtualization framework. Virtualization allows users to run guest operating systems in virtual machines on top of a host operating system. The pyGrub boot loader did not honor the password option in th...