19 matches found
A Self-Enforcing Protocol to Solve Gerrymandering
In 2009, I wrote: There are several ways two people can divide a piece of cake in half. One way is to find someone impartial to do it for them. This works, but it requires another person. Another way is for one person to divide the piece, and the other person to complain to the police, a judge, o...
SYS.2.3.A8
To restrict the access rights of applications to files, devices and networks, AppArmor or SELinux SHOULD be used. The solutions best supported by the respective Unix derivative or Linux distribution SHOULD be used. The required applications SHOULD...
CVE-2020-28935
A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying th...
Securing the International IoT Supply Chain
Together with Nate Kim (former student) and Trey Herr (Atlantic Council Cyber Statecraft Initiative), I have written a paper on IoT supply chain security. The basic problem we try to solve is: how do you enforce IoT security regulations when most of the stuff is made in other countries? And our...
Denial Of Service (DoS)
kernel is vulnerable to denial of service (DoS). The vulnerability exists as the fix for CVE-2011-2482 provided by RHSA-2011:1212 introduced a regression: on systems that do not have Security-Enhanced Linux (SELinux) in Enforcing mode, a socket lock race could occur between sctp_rcv and sctp_accept. A...
Linux: Read /etc/selinux/config (KB)
The /etc/selinux/config configuration file controls whether SELinux is enabled or disabled, and if enabled, whether SELinux operates in permissive mode or enforcing mode. The SELINUX variable may be set to any one of disabled, permissive, or enforcing to select one of these options. The disabled...
Content Delivery Networks handle HTTP headers in different and unexpected ways
Overview: A Content Delivery Network (CDN) is a distributed network of proxy servers that deliver web content collected from a back end web server using a temporary local storage called a cache. HTTP cache poisoning is a type of attack that allows a remote attacker to inject arbitrary content using...
A Second Life for the 'Do Not Track' Setting—With Teeth
In recent years, the setting has been criticized as being essentially meaningless. But it might have a crucial role to play in enforcing privacy regulations...
CVE-2018-10913
An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. Mitigation: SELinux mitigates this issue on Red Hat Gluster Storage 3. SELinux should be in enforcing mode only as permissi...
CVE-2018-1063
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state...
Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes)
Title: x86 SELinux change between permissive and enforcing modes shellcode Date: 20-02-2017 Author: Krzysztof Przybylski Platform: Linx86 Tested on: CentOS 6.8 i686 Shellcode Size: 45 bytes ID: SLAE - 871 / 1. Description: SELinux mode switcher. Permissive = "\x30"; Enforcing = "\x31" gcc...
Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes)
Linux/x86 - SELinux Permissive Mode Switcher Shellcode 45 bytes. Shellcode exploit for Linx86 platform Title: x86 SELinux change between permissive and enforcing modes shellcode Date: 20-02-2017 Author: Krzysztof Przybylski Platform: Linx86 Tested on: CentOS 6.8 i686 Shellcode Size: 45 bytes ID:...
Information Disclosure
nanoc is vulnerable to information disclosure. It does not check if the requested resources embedded within HTML documents are using a protocol that degrades the security of the original connection. If the browsers do not enforce consistent protocols, it is possible to leak private information...
SSL/TLS: HTTP Strict Transport Security (HSTS) Missing
The remote web server is not enforcing HTTP Strict Transport Security (HSTS). SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Design/Logic Flaw
OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j does not properly enforce the no-ssl3 build option, which allows remote attackers to bypass intended access restrictions via an SSL 3.0 handshake, related to s23_clnt.c and s23_srvr.c...
SuSE 11.3 Security Update : curl (SAT Patch Number 9133)
This curl update fixes the following security issues: - wrong re-use of connections (CVE-2014-0138, bnc#868627) - IP address wildcard certificate validation (CVE-2014-0139, bnc#868629) - --insecure option inappropriately enforcing security safeguard (bnc#870444)
Scientific Linux Security Update : setroubleshoot on SL5.x i386/x86_64
A flaw was found in the way sealert wrote diagnostic messages to a temporary file. A local unprivileged user could perform a symbolic link attack, and cause arbitrary files, writable by other users, to be overwritten when a victim runs sealert. (CVE-2007-5495) A flaw was found in the way sealert...
The Value of Self-Enforcing Protocols
By Bruce Schneier. There are several ways two people can divide a piece of cake in half. One way is to find someone impartial to do it for them. This works, but it requires another person. Another way is for one person to divide the piece, and the other person to complain to the police, a judge, o...
KLA10136 OSI vulnerability in DeviceLock
Improper ACL enforcing was found in DeviceLock. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited locally. Original advisories: - Related products: DeviceLock. CVE list: CVE-2006-4184 warning. Solution: Update to latest version. Impact...