31 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that hides inside binary executable files triggered by a postinstall script. IronWorm is a sophisticated, Rust-based infostealer that functions as a self-replicating supply-chain attack. Its primary characteristi...
EUVD-2018-11765
Malware in sbrugna...
EUVD-2000-1128
Malware in sbrugna...
EUVD-2008-5055
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's procpidreaddir returns PID entries in ascending numeric order, a...
RHEL 6 : procps (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - procps-ng, procps: Local privilege escalation in top CVE-2018-1122 - procps-ng, procps is vulnerable to a...
RHEL 7 : procps-ng,_procps (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - procps-ng, procps: process hiding through race condition enumerating /proc CVE-2018-1121 - procps-ng befo...
RHEL 6 : procps-ng,_procps (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - procps-ng, procps: Local privilege escalation in top CVE-2018-1122 - procps-ng, procps is vulnerable to a...
Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to...
Race condition
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's procpidreaddir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower...
CVE-2018-1121
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's procpidreaddir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower...
DEBIAN-CVE-2018-1121
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's procpidreaddir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower...
CVE-2018-1121
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's procpidreaddir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower...
CVE-2018-1121
CVE-2018-1121 affects procps, procps-ng up to version 3.3.15. The issue is a race in reading /proc/PID entries where a high-PID process can observe enumeration with inotify and fork/exec to obtain a lower PID, enabling an unprivileged attacker to hide a process from procps-ng utilities. Connected...
CVE-2018-1121
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's procpidreaddir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower...
Procps-ng - Multiple Vulnerabilities
Procps-ng - Multiple Vulnerabilities Qualys Security Advisory Procps-ng Audit Report ======================================================================== Contents ======================================================================== Summary 1. FUSE-backed /proc/PID/cmdline 2. Unprivileged...
Procps-ng - Multiple Vulnerabilities
Exploit for linux platform in category local exploits Procps-ng Audit Report ======================================================================== Contents ======================================================================== Summary 1. FUSE-backed /proc/PID/cmdline 2. Unprivileged process...
Procps-ng - Multiple Vulnerabilities
Qualys Security Advisory Procps-ng Audit Report ======================================================================== Contents ======================================================================== Summary 1. FUSE-backed /proc/PID/cmdline 2. Unprivileged process hiding 3. Local Privilege...
Procps-ng Audit Report
Qualys Security Advisory Procps-ng Audit Report ======================================================================== Contents ======================================================================== Summary 1. FUSE-backed /proc/PID/cmdline 2. Unprivileged process hiding 3. Local Privilege...
CVE-2018-1121
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's procpidreaddir returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list is being scanned, and fork/exec to obtain a lower...