8 matches found
ROS-20220128-01
The vulnerability in the Polkit library for UNIX-like operating systems is related to improper handling of the number of call parameters in the pkexec setuid binary, which causes the binary to executes environment variables as commands. Exploitation of the vulnerability could allow an attacker to...
Dnsmasq Detection Consolidation
Consolidation of Dnsmasq detections. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...
CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
Update Feb 3, 2021: It has been reported that macOS, AIX, and Solaris are also vulnerable to CVE-2021-3156, and that others may also still be vulnerable. Qualys has not independently verified the exploit. Original Post: The Qualys Research Team has discovered a heap overflow vulnerability in sudo...
Design/Logic Flaw
In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...
CVE-2020-26235
CVE-2020-26235 affects the Rust time crate: versions 0.2.7 through before 0.2.23 can segfault on unix-like OSes when an environment variable is set from another thread, due to a dangling pointer dereference. Affected functions include time::UtcOffset::local_offset_at, try_local_offset_at, current...
Misp-Dashboard - A Dashboard For A Real-Time Overview Of Threat Intelligence From MISP Instances
A dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence information. The misp-dashboard includes a gamification tool to show the contributions of each...
Important Photon OS Security Update - PHSA-2018-0105
Updates of 'linux', 'linux-esx' packages of Photon OS have been released...
Multipurpose Sniffer: Ettercap
Ettercap is a multipurpose sniffer / interceptor/logger for switched LAN Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN . It can be used for computer network protocol analysis and security auditing. It runs on various Unix-like operating systems...