Displaying 20 results from an estimated 10000 matches similar to: "what percent of time are there unpatched exploits against default config?"
2012 Jan 16
2
bounties for exploits against CentOS?
With companies like Facebook and Google offering cash prizes for people
who can find security holes in their products, has there ever been any
consideration given to offering cash rewards to people finding security
exploits in CentOS or in commonly bundled services like Apache?
(Provided of course they follow "responsible disclosure" and report the
exploit to the software authors
2012 Jan 01
11
an actual hacked machine, in a preserved state
(Sorry, third time -- last one, promise, just giving it a subject line!)
OK, a second machine hosted at the same hosting company has also apparently
been hacked. Since 2 of out of 3 machines hosted at that company have now
been hacked, but this hasn't happened to any of the other 37 dedicated
servers that I've got hosted at other hosting companies (also CentOS, same
version or almost),
2015 Aug 13
2
unpatched local root on centos 5?
Hi List,
Looks like this affects on centos 5 and is unpatched like on rhel 5?
https://access.redhat.com/articles/1537873
Trying to test if this affects on centos 5. can someone compile this
exploit on centos 5?
https://www.qualys.com/research/security-advisories/roothelper.c
any ideas how to compile it on centos 5?
--
Eero
2015 Aug 13
2
unpatched local root on centos 5?
well, very sad to hear as I use commercial rhel 5 and paying for it..
Eero
2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>:
> On 08/12/2015 10:43 PM, Eero Volotinen wrote:
> > Hi List,
> >
> > Looks like this affects on centos 5 and is unpatched like on rhel 5?
> >
> > https://access.redhat.com/articles/1537873
> >
> > Trying to
2012 Jan 10
2
defense-in-depth possible for sshd?
If an attacker finds an exploit to take control of httpd, they're still
blocked in part by the fact that httpd runs as the unprivileged apache
user and hence can't write any root-owned files on the system, unless
the attacker also knows of a second attack that lets apache escalate its
privilege. Basically correct?
What about sshd -- assuming that the attacker can connect to sshd at
2011 Dec 28
3
why not have yum-updatesd running by default?
Ever since someone told me that one of my servers might have been hacked
(not the most recent instance) because I wasn't applying updates as soon as
they became available, I've been logging in and running "yum update"
religiously once a week until I found out how to set the yum-updatesd
service to do the equivalent automatically (once per hour, I think).
Since then, I've
2008 Feb 10
2
Root exploit in the wild
https://bugzilla.redhat.com/show_bug.cgi?id=432251
Mentioned on Slashdot here:
http://it.slashdot.org/article.pl?sid=08/02/10/2011257
Fedora bug report here:
https://bugzilla.redhat.com/show_bug.cgi?id=432229
--
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
2003 Feb 13
2
openssh remote add user exploits?
Hello. Recently I discovered some kind of exploit of openssh used against
me. For configuration info, I am using Mandrake 8.2 with the openssh
package openssh-3.1p1-1mdk.
Fortunately, I was at least somewhat security-aware, and have an
AllowUsers parameter in my sshd config file. I Used to allow only public
key logins, but ditched that when I found myself needing access from
multiple places. I
2012 Jan 05
6
SELinux and access across 'similar types'
http://wiki.centos.org/HowTos/SELinux
says:
"Access is only allowed between similar types, so Apache running as
httpd_t can read /var/www/html/index.html of type httpd_sys_content_t."
however the doc doesn't define what "similar types" means. I assumed it
just meant "beginning with the same prefix". However that can't be
right because on my system with
2017 Feb 15
4
Serious attack vector on pkcheck ignored by Red Hat
On Wed, February 15, 2017 10:22 am, Chris Adams wrote:
> Once upon a time, Leonard den Ottolander <leonard at den.ottolander.nl> said:
>> On Wed, 2017-02-15 at 09:47 -0600, Johnny Hughes wrote:
>> > 2. They already have shell access on the machine in question and they
>> > can already run anything in that shell that they can run via what you
>> > are
2011 Nov 30
12
duqu
There's an article on slashdot about the Duqu team wiping all their
intermediary c&c servers on 20 Oct. Interestingly, the report says that
they were all (?) not only linux, but CentOS. There's a suggestion of a
zero-day exploit in openssh-4.3, but both the original article, and
Kaspersky labs (who have a *very* interesting post of the story) consider
that highly unlikely, and the
2004 Feb 10
1
Longest known unpatched FreeBSD security issue ?
Does anyone know off hand what the longest known serious security issue
(i.e. remote compromise) has been with FreeBSD that went unpatched ? e.g.
security hole is reported to security-officer@FreeBSD.org. X days later,
fix and advisory committed. What has been the largest X ?
My jaw dropped when I saw
http://www.eeye.com/html/Research/Upcoming/index.html
---Mike
2012 Jan 02
2
'last' command doesn't include ssh connections made by this perl script?
My home machine has IP 50.54.225.130. I have (for the purposes of this
experiment) one remote machine at www.peacefire.org (69.72.177.140) and
another at www.junkwhale.com.
When I'm logged in to peacefire, I run this perl script to open an ssh
connection to junkwhale and run a command:
my $hostname="www.junkwhale.com";
my $server_password = "[redacted!]";
use Net::SFTP;
2003 Jun 11
2
Kulak exploit
Some time ago one of my customer's computers was compromised by outside
attackers, and though we were able to clean it up I never learned how.
A few weeks back, my own office machine was hacked and the signs were
similar; but this time I found an exploit program named "kulak" in my
/tmp directory.
Evidently (according to the source, which the attacker left behind also)
kulak
2005 Oct 15
2
GID Games Exploits
It has come to my attention that there are quite a few local exploits
circling around in the private sector for GID Games.
Several of the games have vanilla stack overflows in them which can lead to
elevation of privileges if successfully exploited.
2015 Aug 13
0
unpatched local root on centos 5?
On 08/12/2015 10:43 PM, Eero Volotinen wrote:
> Hi List,
>
> Looks like this affects on centos 5 and is unpatched like on rhel 5?
>
> https://access.redhat.com/articles/1537873
>
> Trying to test if this affects on centos 5. can someone compile this
> exploit on centos 5?
> https://www.qualys.com/research/security-advisories/roothelper.c
>
> any ideas how to
2015 Aug 13
0
unpatched local root on centos 5?
On 08/13/2015 12:41 PM, Eero Volotinen wrote:
> well, very sad to hear as I use commercial rhel 5 and paying for it..
>
Well, in that case, I would recommend RHEL-6 or RHEL-7 for your RHEL-5
workloads :)
>
> 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>:
>
>> On 08/12/2015 10:43 PM, Eero Volotinen wrote:
>>> Hi List,
>>>
2023 Nov 24
1
Icecast exploits?
Thank you, Philipp. It was things like buffer overflow attacks once
connected as a source that I was concerned about. It's reassuring to
hear that Icecast server is not exploitable. The Best Practices you
suggested are good ones, I'll discuss them with station management.
--
Jack Elliott
Director of Classical Music Programming
High Desert Community Radio
KPOV Bend, Oregon
On 11/23/23
1997 Apr 29
9
Yet Another DIP Exploit?
I seem to have stumbled across another vulnerability in DIP. It
appears to allow any user to gain control of arbitrary devices in /dev.
For instance, I have successfully stolen keystrokes from a root login as
follows... (I could also dump characters to the root console)
$ whoami
cesaro
$ cat < /dev/tty1 <------ root login here
bash: /dev/tty1: Permission denied
2023 Nov 24
1
Icecast exploits?
On 24 Nov 2023, at 15:37, Jack Elliott wrote:
> Thank you, Philipp. It was things like buffer overflow attacks once connected as a source that I was concerned about. It's reassuring to hear that Icecast server is not exploitable. The Best Practices you suggested are good ones, I'll discuss them with station management.
>
I don?t think you can assert with absolute confidence for any