vulnerability

Home / vulnerability

CVE-2016-8655 Five-Year-Old Linux Kernel Local Privilege-Escalation Vulnerability Discovered

A five-year-old serious privilege-escalation vulnerability has been discovered in the Linux kernel that affects almost every distro of the Linux operating system, including Red Hat and Ubuntu. Back in October, a nine-year-old privilege-escalation vulnerability, dubbed Dirty COW was discovered in the Linux kernel that affected every distro of the open-source operating system, including Red Hat, [...]

By | December 7th, 2016|Linux, Security|

How To Patch Linux Kernel Zero Day DirtyCow Vulnerability CVE-2016-5195

A zero-day local privilege escalation vulnerability has been found in the Linux kernel that has existed since 2005, being called DirtyCow. This bug affects a large number of popular Linux distros as well as Android devices. By exploiting the DirtyCow vulnerability, any user can become root (admin) in less than 5 seconds. The vulnerability has [...]

By | October 21st, 2016|Linux, Security, System Administration, Zero-Day|

CVE-2016-1453 Cisco Nexus 7000 and 7700 Series Switches Buffer Overflow Vulnerability

Earlier today, Cisco released a critical security advisory affecting its Nexus 7000 and Nexus 7700 Series Switches, CVE-2016-1453. A vulnerability in the Overlay Transport Virtualization (OTV) generic routing encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an attacker to cause a reload of the affected system or to remotely [...]

By | October 5th, 2016|Cisco, Security, System Administration|

OpenSSL Patches High-Severity OCSP Bug & Mitigates SWEET32 Attack

A vulnerability in the OpenSSL implementation of the Online Certificate Status Protocol (OCSP) was patched this week, closing a denial-of-service weakness in affected servers. OCSP is an alternative in many cases to Certificate Revocation Lists where a client can use the protocol to ping a server requesting the status of a digital certificate. The vulnerability, [...]

By | September 24th, 2016|Security|

Remediation for Microsoft Windows Unquoted Service Path Enumeration Vulnerability

If you're using a vulnerability scanner on your PC or network, you've probably come across the Microsoft Windows Unquoted Service Path Enumeration vulnerability. The truth is, this vulnerability has been around for many years and Microsoft hasn't done much to address it. Instead, they've left it up to the individual developers to fix their programs [...]

By | September 18th, 2016|Security|

Cisco Firepower Management Center and FireSIGHT System Software Session Fixation Vulnerability

Today, Cisco released a security advisory for its Firepower Management Center and FireSIGHT System Software for a session fixation vulnerability. The vulnerability is rated as a medium risk with no workarounds or software updates at this time. The vulnerability could allow an unauthenticated, remote attacker to hijack a valid user session. According to Cisco: The [...]

By | September 7th, 2016|Cisco, Security|
Load More Posts