Archive for the ‘privilege escalation’ Category

New Apache Web Server Bug Threatens Security of Shared Web Hosts

April 2nd, 2019
Mark J Cox, one of the founding members of the Apache Software Foundation and the OpenSSL project, today posted a tweet warning users about a recently discovered important flaw in Apache HTTP Server software. The Apache web server is one of the most popular, widely used open-source web servers in the world that powers almost 40 percent of the whole Internet. The vulnerability, identified as

Posted in Apache, Apache web server, fast web server, hacking web server, privilege escalation, shared web hosting, Vulnerability, web hosting, web server hacking, web server security | Comments (0)

Snapd Flaw Lets Attackers Gain Root Access On Linux Systems

February 13th, 2019
Ubuntu and some other Linux distributions suffer from a severe privilege escalation vulnerability that could allow a local attacker or a malicious program to obtain root privileges and total control over the targeted system. Dubbed "Dirty_Sock" and identified as CVE-2019-7304, the vulnerability was discovered by security researcher Chris Moberly, who privately disclosed it to Canonical, the

Posted in hacking news, linux, privilege escalation, Snap Package, Ubuntu, Ubuntu Linux, Vulnerability | Comments (0)

Latest iOS 12.1.4 Update Patches 2 Zero-Day and FaceTime Bugs

February 8th, 2019
Apple has finally released the iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and hear or see you before you even pick up the call without your knowledge. The FaceTime bug (CVE-2019-6223) was discovered by 14-year-old Grant Thompson of Catalina Foothills High School while he was

Posted in Apple Face Time, Apple iPhone, Google Project Zero, Group FaceTime, iphone update, macOS update, privilege escalation, Vulnerability | Comments (0)

New Privilege Escalation Flaw Affects Most Linux Distributions

October 26th, 2018
An Indian security researcher has discovered a highly critical flaw in the X.Org Server package that impacts OpenBSD and most Linux distributions, including Debian, Ubuntu, CentOS, Red Hat, and Fedora. Xorg X server is a popular open-source implementation of the X11 system (display server) that offers a graphical environment to a wider range of hardware and OS platforms. It serves as an

Posted in CentOS, Debian, Fedora, Linux distribution, Linux server, Linux Vulnerability, OpenBSD, privilege escalation, Red Hat, Ubuntu | Comments (0)

Critical Flaws Found in Windows NTLM Security Protocol – Patch Now

July 12th, 2017

As part of this month’s Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affects all versions of its Windows operating system for enterprises released since 2007.

Researchers at behavioral firewall specialist Preempt discovered two zero-day vulnerabilities in Windows NTLM security protocols, both of which allow attackers to create a

Posted in hacking news, Microsoft Windows, privilege escalation, RDP exploit, RDP server hacking, Vulnerability, windows hacking, windows Vulnerability, zero-day exploit | Comments (0)

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

June 20th, 2017

Security researchers have discovered a more than decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.

Dubbed Stack Clash, the vulnerability (CVE-2017-1000364) has been discovered in the way memory was

Posted in freebsd, hacking news, Linux exploit, Linux Vulnerability, local root exploit, OpenBSD, privilege escalation, root exploit, solaris os, Vulnerability | Comments (0)

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered

June 20th, 2017

Update: Find working Exploits and Proof-of-Concepts at the bottom of this article.

Security researchers have discovered a more than decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover.

Dubbed Stack Clash

Posted in freebsd, hacking news, Linux exploit, Linux Vulnerability, local root exploit, OpenBSD, privilege escalation, root exploit, solaris os, Vulnerability | Comments (0)

11-Year Old Linux Kernel Local Privilege Escalation Flaw Discovered

February 22nd, 2017

Another privilege-escalation vulnerability has been discovered in the Linux kernel that dates back to 2005 and affects major distributions of the Linux operating system, including Red Hat, Debian, OpenSUSE, and Ubuntu.

The over-a-decade-old Linux kernel bug (CVE-2017-6074) was discovered by security researcher Andrey Konovalov in the DCCP (Datagram Congestion Control Protocol) implementation using

Posted in DCCP protocol, hacking news, Linux kernel, Linux kernel development, Linux kernel exploit, local root exploit, privilege escalation, Vulnerability | Comments (0)

Critical Flaws in MySQL Give Hackers Root Access to Server (Exploits Released)

November 3rd, 2016

Over a month ago, we reported on two critical zero-day vulnerabilities in the world’s 2nd most popular database management software, MySQL:

MySQL Remote Root Code Execution (CVE-2016-6662)
Privilege Escalation (CVE-2016-6663)

At that time, Polish security researcher Dawid Golunski of Legal Hackers, who discovered these vulnerabilities, published technical details and proof-of-concept exploit

Posted in hacking database, hacking mysql, hacking news, MariaDB, MySQL, PerconaDB, privilege escalation, Remote code execution vulnerability, server hacking, server security, Vulnerability | Comments (0)