Security
Headlines
HeadlinesLatestCVEs

Tag

#debian

Linux Vulnerability Exposes Millions of Systems to Attack

By Waqas Dubbed Looney Tunables; the vulnerability has existed since its introduction in April 2021, putting a significant number of systems at risk. This is a post from HackRead.com Read the original post: Linux Vulnerability Exposes Millions of Systems to Attack

HackRead
Open in Source
#vulnerability#ubuntu#linux#debian#rce#buffer_overflow#zero_day#firefox
CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so – Qualys Security Blog

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

CVE-2023-43361: GitHub - xiph/vorbis-tools: Command-line tools for creating and playing Ogg Vorbis files.

Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files.

Debian Security Advisory 5512-1

Debian Linux Security Advisory 5512-1 - Several vulnerabilities were discovered in Exim, a mail transport agent, which could result in remote code execution if the EXTERNAL or SPA/NTLM authenticators are used.

Debian Security Advisory 5511-1

Debian Linux Security Advisory 5511-1 - Several security vulnerabilities have been discovered in mosquitto, a MQTT compatible message broker, which may be abused for a denial of service attack.

Debian Security Advisory 5510-1

Debian Linux Security Advisory 5510-1 - Clement Lecigne discovered a heap-based buffer overflow in libvpx, a multimedia library for the VP8 and VP9 video codecs, which may result in the execution of arbitrary code if a specially crafted VP8 media stream is processed.

Debian Security Advisory 5509-1

Debian Linux Security Advisory 5509-1 - A buffer overflow in VP8 media stream processing has been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

Debian Security Advisory 5508-1

Debian Linux Security Advisory 5508-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

Hello everyone! On the last day of September, I decided to record another retrospective episode on how my Vulnerability Management month went. Alternative video link (for Russia): https://vk.com/video-149273431_456239136 September was quite a busy month for me. Vulnerability Management courses I participated in two educational activities. The first one is an on-line cyber security course for […]

Debian Security Advisory 5507-1

Debian Linux Security Advisory 5507-1 - Multiple security vulnerabilities were found in Jetty, a Java based web server and servlet engine.