Security News > 2016 > November > Critical Linux bug opens systems to compromise (Help Net Security)
2016-11-15 20:30
Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on affected Linux systems. So far, they confirmed that the vulnerability (CVE-2016-4484) is present and can be exploited on Debian, Ubuntu and Fedora, but it’s possible that many derived distributions also feature it, shared. According to researchers Hector Marco and Ismael Ripoll, the vulnerability is found in the default … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/wRjKEJF4n5U/
Related news
- MFA bypass becomes a critical security issue as ransomware tactics advance (source)
- That doomsday critical Linux bug: It's CUPS. Could lead to remote hijacking of devices (source)
- That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices (source)
- HPE patches three critical security holes in Aruba PAPI (source)
- Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution (source)
- Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2016-4484 | Improper Authentication vulnerability in Cryptsetup Project Cryptsetup The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password. | 7.2 |