
1154 matches found

Cvelist
added 2019/12/18 8:56 p.m., 10 views

CVE-2019-15599

A Code Injection exists in tree-kill on Windows which allows a remote code execution when an attacker is able to control the input into the command...

9.9 AI score, 0.03754 EPSS
Exploits: 0, References: 1
CVE
added 2019/12/18 8:56 p.m., 64 views

CVE-2019-15599

The vulnerability CVE-2019-15599 affects the Windows component of the Node package tree-kill, where the input to the kill() function is not properly sanitized and is concatenated into an exec() call. This leads to remote code execution if an attacker provides controlled input. Public advisories c...

9.8 CVSS, 9.8 AI score, 0.03754 EPSS
Exploits: 0, References: 1, Affected Software: 1
The Hacker News
added 2019/12/18 1:34 p.m., 34 views

14 Ways to Evade Botnet Malware Attacks On Your Computers

Cybercriminals are busy innovators, adapting their weapons and attack strategies, and ruthlessly roaming the web in search of their next big score. Every manner of sensitive information, such as confidential employee records, customers' financial data, protected medical documents, and government...

7.2 AI score
Exploits: 0
Node.js
added 2019/12/11 5:24 p.m., 12 views

Command Injection

Overview: Versions of tree-kill prior to 1.2.2 are vulnerable to Command Injection. The package fails to sanitize values passed to the kill function. If this value is user-controlled it may allow attackers to run arbitrary commands in the server. The issue only affects Windows systems...

7.2 AI score
Exploits: 0, Affected Software: 1
Microsoft Secure
added 2019/11/25 5:0 p.m., 39 views

Rethinking cyber learning—consider gamification

As promised, I’m back with a follow-up to my recent post, Rethinking how we learn security, on how we need to modernize the learning experience for cybersecurity professionals by gamifying training to make learning fun. Some of you may have attended the recent Microsoft Ignite events in Orlando and...

6.9 AI score
Exploits: 0
RedhatCVE
added 2019/11/21 11:37 a.m., 27 views

CVE-2019-19051

A flaw was found in the way the Linux kernel's WiMAX i2400 driver handled memory release in certain error codes path in the RF kill switch control function. A local attacker able to control the device could use this flaw to crash the system. Mitigation: As the i2400m module will be auto-loaded whe...

5.5 CVSS, 0.00042 EPSS
Exploits: 0, References: 3
Prion
added 2019/11/20 3:15 p.m., 23 views

Code injection

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes...

4.9 CVSS, 6.9 AI score, 0.00026 EPSS
Exploits: 0, References: 2, Affected Software: 7
UbuntuCve
added 2019/11/20 3:15 p.m., 28 views

CVE-2012-6136

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes...

5.5 CVSS, 6.2 AI score, 0.00026 EPSS
Exploits: 0, References: 2
Imperva Blog
added 2019/11/20 2:50 p.m., 53 views

From Thousands of Security Alerts to a Handful of Insights

Understanding an attacker’s workflow and how Attack Analytics hunts them down. In recent years we’ve seen a significant increase in the number and complexity of cyber-attacks. The accessibility of public tools and their automation capabilities, as well as distributed and anonymization features tha...

7.6 AI score
Exploits: 0
NVD
added 2019/11/08 3:15 p.m., 10 views

CVE-2013-1820

tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service...

5.5 CVSS, 5.3 AI score, 0.00135 EPSS
Exploits: 0, References: 3
Cvelist
added 2019/11/08 2:25 p.m., 15 views

CVE-2013-1820

tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service...

5.3 AI score, 0.00135 EPSS
Exploits: 0, References: 3
CVE
added 2019/11/08 2:25 p.m., 45 views

CVE-2013-1820

CVE-2013-1820 concerns the tuned daemon (tuned before 2.x) where insecure permissions on tuned’s ktune service allow local users to kill running processes. Multiple sources (NVD entry, Debian/Ubuntu advisories, Red Hat/Nessus plugins) confirm the vulnerability stems from improper access control o...

5.5 CVSS, 5.3 AI score, 0.00135 EPSS
Exploits: 0, References: 3, Affected Software: 1
Microsoft KB
added 2019/11/06 2:17 a.m., 122 views

MS08-032: Critical security update of ActiveX kill bits

Resolves a privately reported vulnerability that could allow remote code execution if a user views a specially crafted Web page by using Internet Explorer. INTRODUCTION: Microsoft has released security bulletin MS08-032. The security bulletin contains all the relevant information about the security...

7.6 CVSS, 6.7 AI score, 0.41573 EPSS
Exploits: 1
CNVD
added 2019/11/05 12:0 a.m., 1 views

Linux kernel null pointer dereference vulnerability (CNVD-2019-42388)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A null pointer dereference vulnerability exists in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel. An attacker...

7.8 CVSS, 8.2 AI score, 0.01696 EPSS
Exploits: 1, References: 1
OSV
added 2019/11/04 3:15 p.m., 2 views

CVE-2019-18680

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0...

7.5 CVSS, 5.5 AI score
Exploits: 0, References: 5
OSV
added 2019/11/04 3:15 p.m., 0 views

UBUNTU-CVE-2019-18680

An issue was discovered in the Linux kernel 4.4.x before 4.4.195. There is a NULL pointer dereference in rds_tcp_kill_sock in net/rds/tcp.c that will cause denial of service, aka CID-91573ae4aed0...

7.5 CVSS, 7.2 AI score, 0.01696 EPSS
Exploits: 1, References: 6
Tenable Nessus
added 2019/10/28 12:0 a.m., 72 views

openSUSE Security Update : procps (openSUSE-2019-2376)

This update for procps fixes the following issues : procps was updated to 3.3.15. bsc1092100 Following security issues were fixed : - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved...

9.8 CVSS, 7.8 AI score, 0.03312 EPSS
Exploits: 9, References: 7
RedhatCVE
added 2019/10/24 1:50 p.m., 63 views

CVE-2019-2389

Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects MongoDB Server v4.0 versions prior to 4.0.11;...

5.3 CVSS, 4.8 AI score, 0.00158 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2019/10/14 12:0 a.m., 34 views

FreeBSD : mongodb -- Our init scripts check /proc/[pid]/stat should validate that `(${procname})` is the process' command name. (273c6c43-e3ad-11e9-8af7-08002720423d)

Sicheng Liu of Beijing DBSEC Technology Co., Ltd reports : Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. C Tenable...

5.3 CVSS, 5 AI score, 0.0012 EPSS
Exploits: 0, References: 3
Hacker One
added 2019/09/24 7:40 p.m., 104 views

Node.js third-party modules: [tree-kill] RCE via insecure command concatenation (only Windows)

I would like to report a RCE issue in the tree-kill module. It allows to execute arbitrary commands remotely inside the victim's PC Module module name: tree-kill version: 1.2.1 npm page: https://www.npmjs.com/package/tree-kill Module Description Kill all processes in the process tree, including t...

7.5 CVSS, 0.3 AI score, 0.03754 EPSS
Exploits: 0