Security News

You can hijack Google Cloud VMs using DHCP floods, says this guy, once the stars are aligned and...
2021-06-30 00:02

Google Compute Engine virtual machines can be hijacked and made to hand over root shell access via a cunning DHCP attack, according to security researcher Imre Rad. Though the weakness remains unpatched, there are some mitigating factors that diminish the potential risk. A successful attack involves overloading a victim's VM with DHCP traffic so that it ends up using a rogue attacker-controlled metadata server, which can be on the same network or on the other side of the internet.

It's 2019 and SQL Server can be pwned by an SQL query, DHCP failover server failed by a packet, Edge, IE by webpages...
2019-07-10 00:29

Meanwhile, Adobe gives Flash the month off. SAP emits fixes, though Patch Tuesday Summer is now firmly upon us, and depending on where you are, the weather could be just about anything from...

Windows 10 DHCP vulnerability allows for remote code execution
2019-03-22 13:06

The vulnerability in Windows 10 and Windows Server 2019 gives attackers an entry point for further exploitation when combined with other vulnerabilities.

Microsoft changes DHCP to 'Dammit! Hacked! Compromised! Pwned!' Big bunch of security fixes land for Windows
2019-03-12 23:13

DHCP client has trio of remote-code exec vulns, plus SAP, Adobe issue updates Patch Tuesday It's the second Tuesday of the month, and you know what that means: a fresh dump of security fixes from...

Microsoft Patches Critical Flaws in Edge, Hyper-V, DHCP
2019-01-08 20:34

Microsoft has fixed nearly 50 vulnerabilities with its Patch Tuesday updates for January 2019, including some critical flaws affecting Edge, Hyper-V and DHCP. None of the vulnerabilities patched...

Red Hat admin? Get off Twitter and patch this DHCP client bug
2018-05-16 02:58

Proof-of-concept fits in a Tweet and can take down all of RH's best bits Red Hat has announced a critical vulnerability in its DHCP client and while it doesn't have a brand name it does have a...

Red Hat Linux DHCP Client Found Vulnerable to Command Injection Attacks
2018-05-15 20:48

A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system....

Remotely Exploitable Flaws Patched in DHCP
2018-03-01 13:34

Updates released by the Internet Systems Consortium (ISC) for the Dynamic Host Configuration Protocol (DHCP) software patch two remotely exploitable vulnerabilities discovered by a researcher at...

Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
2017-10-03 16:53

Google researchers have discovered seven serious vulnerabilities in Dnsmasq, a lightweight, widely used DNS forwarder and DHCP server for small computer networks. Dnsmasq is mainly written and...

ISC to Patch Versions of DHCP Vulnerable to DoS (Threatpost)
2016-03-08 16:41

The Internet Systems Consortium (ISC) announced it is planning to patch versions of its DHCP to mitigate a denial of service vulnerability.