jeffv via plug on 26 Jan 2022 07:54:29 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] pkexec-root, nmap scripts


A bug lurking for 12 years gives attackers root on every major Linux distro

https://arstechnica.com/information-technology/2022/01/a-bug-lurking-for-12-years-gives-attackers-root-on-every-major-linux-distro/

Since 2009, pkexec has contained a memory-corruption vulnerability that people with limited control of a vulnerable machine can exploit to escalate privileges all the way to root. Exploiting the flaw is trivial and, by some accounts, 100 percent reliable.




UK govt releasing Nmap scripts to find unpatched vulnerabilities

https://www.bleepingcomputer.com/news/security/uk-govt-releasing-nmap-scripts-to-find-unpatched-vulnerabilities/


The scripts, authored by i100 partners or security experts who want to share their scripts with the community, will be published on GitHub through a new project named Scanning Made Easy (SME).



___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug