116 matches found
Leeloo Multipath: Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973)
The Qualys Research Team has discovered two vulnerabilities in multipathd, the most important of which can be exploited for authorization bypass. Qualys recommends security teams apply patches for these vulnerabilities as soon as possible. The Qualys Research Team combined these two vulnerabiliti...
cockpit bug fix and enhancement update
An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute...
New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using "Magic Packets"
A new covert Linux kernel rootkit named Syslogk has been spotted under development in the wild and cloaking a malicious payload that can be remotely commandeered by an adversary using a magic network traffic packet. "The Syslogk rootkit is heavily based on Adore-Ng but incorporates new...
RLSA-2022:2008 Moderate: cockpit security, bug fix, and enhancement update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. The following packages have been upgraded to a later upstream version: cockpit 264....
cockpit bug fix and enhancement update
An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...
Control Web Panel bugs cause remote code execution in Linux servers
...
Linux Servers at Risk of RCE Due to Critical CWP Bugs
Researchers have discovered two critical bugs in Control Web Panel CWP – a popular web hosting management software used by 200,000+ servers – that could allow for remote code execution RCE as root on vulnerable Linux servers. CWP, formerly known as CentOS Web Panel, is an open-source Linux contro...
Critical Bugs in Control Web Panel Expose Linux Servers to RCE Attacks
Researchers have disclosed details of two critical security vulnerabilities in Control Web Panel that could be abused as part of an exploit chain to achieve pre-authenticated remote code execution on affected servers. Tracked as CVE-2021-45467, the issue concerns a case of a file inclusion...
[SECURITY] Fedora 34 Update: cockpit-260-1.fc34
The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...
The vulnerability of the malware scanning service of the Linux web server security platform Imunify360 allows a hacker to execute arbitrary commands.
The vulnerability of the Ai-Boilt malware scanning service for Linux web servers running Imunify360 is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created malware file...
[SECURITY] Fedora 34 Update: cockpit-254-1.fc34
The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...
Exploit for CVE-2021-38647
OMIGOD Proof on Concept Exploit for CVE-2021-38647 OMIGOD F...
Golang Cryptomining Worm Offers 15% Speed Boost
A freshly discovered variant of the Golang crypto-worm was recently spotted dropping Monero-mining malware on victim machines; in a switch-up of tactics, the payload binaries are capable of speeding up the mining process by 15 percent, researchers said. According to research from Uptycs, the worm...
Raft of Exim Security Holes Allow Linux Mail Server Takeovers
A veritable cornucopia of security vulnerabilities in the Exim mail server have been uncovered, some of which could be chained together for unauthenticated remote code execution RCE, gaining root privileges and worm-style lateral movement, according to researchers. The Qualys Research Team has...
SYS.1.3.A17
Es SOLLTEN speziell gehaertete Kernels z. B. grsecurity, PaX und geeignete Schutzmassnahmen wie Speicherschutz oder Dateisystemabsicherung umgesetzt werden, die eine Ausnutzung von Schwachstellen und die Ausbreitung im Betriebssystem verhindern. Copyright C 2021 Greenbone Networks GmbH Some text...
Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies
An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonl...
Stantinko Botnet Now Targeting Linux Servers to Hide Behind Proxies
An adware and coin-miner botnet targeting Russia, Ukraine, Belarus, and Kazakhstan at least since 2012 has now set its sights on Linux servers to fly under the radar. According to a new analysis published by Intezer today and shared with The Hacker News, the trojan masquerades as HTTPd, a commonl...
New worming botnet Gitpaste-12 infecting IoT devices, Linux servers
By Waqas Gitpaste-12 uses GitHub and Pastebin for framing the component code and has 12 different attack modules. This is a post from HackRead.com Read the original post: New worming botnet Gitpaste-12 infecting IoT devices, Linux servers...
Gitpaste-12 Worm Targets Linux Servers, IoT Devices
Researchers have uncovered a new worm targeting Linux based x86 servers, as well as Linux internet of things IoT devices that are based on ARM and MIPS CPUs. Of note, the malware utilizes GitHub and Pastebin for housing malicious component code, and has at least 12 different attack modules...