Security News > 2016 > November > Critical Linux bug opens systems to compromise (Help Net Security)
2016-11-15 20:30
Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on affected Linux systems. So far, they confirmed that the vulnerability (CVE-2016-4484) is present and can be exploited on Debian, Ubuntu and Fedora, but it’s possible that many derived distributions also feature it, shared. According to researchers Hector Marco and Ismael Ripoll, the vulnerability is found in the default … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/wRjKEJF4n5U/
Related news
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Deepen your knowledge of Linux security (source)
- Major security audit of critical FreeBSD components now available (source)
- Overreliance on GenAI to develop software compromises security (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- 'Alarming' security bugs lay low in Linux's needrestart utility for 10 years (source)
- Discover the future of Linux security (source)
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- Critical security hole in Apache Struts under exploit (source)
- Week in review: MUT-1244 targets both security workers and threat actors, Kali Linux 2024.4 released (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2016-4484 | Improper Authentication vulnerability in Cryptsetup Project Cryptsetup The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password. | 6.8 |