Eric Dumazet of Google found a very dangerous remote execution bug in the Linux Kernel. It's located in the recv-syscall with the MSG_PEEK-flag set. Attackers can remotely execute code on the target..
I used a google-dork to find vulnerable software:
And found some possible targets:
The latest wikileaks revealings gave also insights about an interesting bug in cisco products. No I am not talking about the bug in the Cisco Cluster Management Protocol (CMP). I am talking about the open telnet ports.Ten years ago it was already recommended to use ssh instead and there are still so many devices out t
During my research about update mechanisms of open-source software I discovered vulnerabilities in OpenElec.
If I enable postscreen on a Debian-Host I'll get this strange message in my mail.log:
Feb 13 08:38:37 tardis postfix/postscreen: close database /var/lib/postfix/postscreen_cache.db: No such file or directory (possible Berkeley DB bug)
It looks like the postscreen_cache.db-file is located in /var/lib/postfix instead of the postfix-jail /var/spool/postfix/var/lib/postfix. So we can fix it by moving the file into the jail:
Many years ago, someone mentioned on a congress that apache has an interesting feature: if apache doesn't know a file-extension, it will just take the next one. If someone saves a file called "shell.php.ab", apache would not know what to do with the extension ".ab". So it will just skip this one and uses the next one and the file "evil.php.ab" becomes "evil.php" and gets executed.