43 matches found
OESA-2024-2018 pcp security update
PCP provides a range of services that may be used to monitor and manage system performance. These services are distributed and scalable to accommodate the most complex system configurations and performance problems. Security Fixes: A vulnerability has been identified in the Performance Co-Pilot P...
CVE-2023-6917
performancecopilot/pcp is vulnerable to Creation of Temporary File With Insecure Permissions. The vulnerability is due to the mixed privilege levels utilized by systemd services associated with the package. While certain services operate within the confines of limited user/group privileges, other...
LARE - [L]ocal [A]uto [R]oot [E]xploiter is a Bash Script That Helps You Deploy Local Root Exploits
Local Auto Root Exploiter is a simple bash script that helps you deploy local root exploits from your attacking machine when your victim machine does not have internet connectivity. The script is useful in a scenario where your victim machine does not have an internet connection, e.g. while you piv...
Kemoge Malicious Adware Campaign
Google has been busy removing a number of apps from Google Play that are disguised as popular selections that are actually pushing what starts out as adware but eventually turns more malicious. Google has already yanked down a file-transfer app called ShareIt, developed by Zhang Long of China, wh...
openSUSE Security Update : kernel (openSUSE-SU-2010:0655-1)
This update of the openSUSE 11.3 kernel fixes two local root exploits, various other security issues and some bugs. Following security issues are fixed by this update: CVE-2010-3301: Mismatch between 32bit and 64bit register usage in the system call entry path could be used by local attackers to...
PREC Tool prevents Android Device from Root Exploit hidden in Malicious apps
Smartphones are always ready to connect to the Internet and contain sensitive information such as contacts, SMS, photos, and GPS information, and this sensitive information is always in danger of leakage. According to a report, Cyber criminals and state-sponsored hackers are developing 55,000 new...
Spamtitan Backdoors
A few months ago backdoors in Barracuda were found: https://www.schneier.com/blog/archives/2013/01/backdoorsbuilt.html http://www.theregister.co.uk/2013/01/24/barracudabackdoor/ Apparently their competitor SpamTitan was quick making fun of them...
Mandrake Linux Security Advisory : glibc (MDKSA-2000:045-1)
A bug was discovered in ld.so that could allow local users to obtain root privileges. The dynamic loader, ld.so, is responsible for making shared libraries available within a program at run-time. Normally, a user is allowed to load additional shared libraries when executing a program; they can be...
Mandrake Linux Security Advisory : tmpwatch (MDKSA-2000:056)
Previous versions of tmpwatch contained a local denial of service and root exploits. This is due to using the fork command to recursively process subdirectories which would allow a local user to perform a denial of service attack. ...
Debian Security Advisory DSA 470-1 (kernel-image-2.4.17-hppa)
The remote host is missing an update to kernel-image-2.4.17-hppa announced via advisory DSA 470-1. OpenVAS Vulnerability Test $Id: deb4701.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 470-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 475-1 (kernel-image-2.4.17-hppa)
The remote host is missing an update to kernel-image-2.4.17-hppa announced via advisory DSA 475-1. OpenVAS Vulnerability Test $Id: deb4751.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 475-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 450-1 (kernel-source-2.4.19, kernel-patch-2.4.19-mips)
The remote host is missing an update to kernel-source-2.4.19, kernel-patch-2.4.19-mips announced via advisory DSA 450-1. OpenVAS Vulnerability Test $Id: deb4501.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 450-1 Authors: Thomas Reinke Copyright: Copyrigh...
Debian Security Advisory DSA 439-1 (kernel)
The remote host is missing an update to kernel-image-2.4.16-lart, kernel-image-2.4.16-netwinder, kernel-image-2.4.16-riscpc, kernel-patch-2.4.16-arm announced via advisory DSA 439-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and...
Debian Security Advisory DSA 475-1 (kernel-image-2.4.17-hppa)
The remote host is missing an update to kernel-image-2.4.17-hppa announced via advisory DSA 475-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
Debian Security Advisory DSA 450-1 (kernel-source-2.4.19, kernel-patch-2.4.19-mips)
The remote host is missing an update to kernel-source-2.4.19, kernel-patch-2.4.19-mips announced via advisory DSA 450-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Debian Security Advisory DSA 439-1 (kernel)
The remote host is missing an update to kernel-image-2.4.16-lart, kernel-image-2.4.16-netwinder, kernel-image-2.4.16-riscpc, kernel-patch-2.4.16-arm announced via advisory DSA 439-1. OpenVAS Vulnerability Test $Id: deb4391.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from...
AIX 5.3 : IY68463
The remote host is missing AIX Critical Security Patch number IY68463 (SECURITY: Local root exploits in perl 5.8.x). You should install this patch for your system to be up-to-date. ...
AIX 5.2 : IY68464
The remote host is missing AIX Critical Security Patch number IY68464 (SECURITY: Local root exploits in perl 5.8.x). You should install this patch for your system to be up-to-date. ...
AIX 5.1/5.2/5.3 local root exploits
Hi, I found some local security holes in IBM's AIX versions 5.1, 5.2 and 5.3 Unix for IBM RS/6000 PowerPC. 1) The first is a bug in all setuid diag related tools that use an environment variable as a prefix to an external binary executed as root. 2) The second is a classical stack overflow in a too...
Debian DSA-440-1 : linux-kernel-2.4.17-powerpc-apus - several vulnerabilities
Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PowerPC/Apus kernel for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An...