3891 matches found
EUVD-2022-51760
Malicious code in bioql PyPI...
Metasploit Wrap-Up 10/03/2025
Windows LNK and Linux persistence This week, happybear-21 introduced four new modules that abuse Windows Shell Link LNK to execute various attacks. Three of these modules are designed to trigger authentication attempts to a remote server, facilitating the harvesting of NTLM authentication...
NewStart CGSL MAIN 6.06 : systemd Multiple Vulnerabilities (NS-SA-2025-0220)
The remote NewStart CGSL host, running version MAIN 6.06, has systemd packages installed that are affected by multiple vulnerabilities: - A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages....
NewStart CGSL MAIN 6.06 : NetworkManager Multiple Vulnerabilities (NS-SA-2025-0213)
The remote NewStart CGSL host, running version MAIN 6.06, has NetworkManager packages installed that are affected by multiple vulnerabilities: - A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected...
Service SystemD override.conf Persistence
This module will create an override.conf file for a SystemD service on the box. The ExecStartPost hook is used to launch the payload after the service is started. We need enough access typically root to write in the /etc/systemd/system directory and potentially restart services. Verified on Ubunt...
Avoid Using Programs Labeled unconfined_service_t
The purpose of setting the unconfinedservicet label for SELinux is to enable some third-party service processes not configured with SELinux policies to run without restrictions. By default, when systemd runs a third-party application whose label is bint or usrt generally located in directories su...
Do Not Start the debug-shell Service
The debug-shell service is used to locate faults that occur during system boot. This service is installed with systemd. The debug-shell service requires no authentication, that is, attackers can access the root shell by simply pressing Ctrl+Alt+F9 during systemd startup when the OS is booting. Th...
DEBIAN-CVE-2025-39866
In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in markinodedirty An use-after-free issue occurred when markinodedirty get the bdiwriteback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted...
Service SystemD Persistence
This module will create a service on the box, and mark it for auto-restart. We need enough access to write service files and potentially restart services Targets: CentOS 7 Debian = 7, = 15 Ubuntu = 15.04 Verified on Ubuntu 18.04.3 Module Options msf use exploit/linux/persistence/initsystemd msf...
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2025-2141)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2025-2151)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : systemd (EulerOS-SA-2025-2151)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binar...
EulerOS 2.0 SP13 : systemd (EulerOS-SA-2025-2141)
According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binar...
SUSE CVE-2025-39756
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...
[SECURITY] Fedora 43 Update: rust-monitord-0.12.1-3.fc43
monitord is a library and daemon to gather statistics about systemd...
CVE-2025-39756
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...
UBUNTU-CVE-2025-39756
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...
CVE-2025-39756
CVE-2025-39756 is a Linux kernel issue where extremely high nr_open values (e.g., 1073741816) can trigger massive file descriptor table allocations that exceed INT_MAX, causing a kernel warning and impractical memory requests (>8GB) during operations near the FD limit. The root cause involves ...
CVE-2025-39756 fs: Prevent file descriptor table allocations exceeding INT_MAX
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...
[SECURITY] Fedora 41 Update: rust-monitord-0.10.1-2.fc41
monitord is a library and daemon to gather statistics about systemd...