Security News > 2016 > November > Critical Linux bug opens systems to compromise (Help Net Security)
2016-11-15 20:30
Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on affected Linux systems. So far, they confirmed that the vulnerability (CVE-2016-4484) is present and can be exploited on Debian, Ubuntu and Fedora, but it’s possible that many derived distributions also feature it, shared. According to researchers Hector Marco and Ismael Ripoll, the vulnerability is found in the default … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/wRjKEJF4n5U/
Related news
- Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (source)
- Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability (source)
- Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware (source)
- 73% of SME security pros missed or ignored critical alerts (source)
- 10 Critical Endpoint Security Tips You Should Know (source)
- DHS establishes AI Safety and Security Board to protect critical infrastructure (source)
- U.S. Government Releases New AI Security Guidelines for Critical Infrastructure (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2016-4484 | Improper Authentication vulnerability in Cryptsetup Project Cryptsetup The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password. | 7.2 |