CVE-2013-2094: Linux privilege escalation, (Tue, May 14th)

 SANS Internet Storm Center, Security Alerts  Comments Off on CVE-2013-2094: Linux privilege escalation, (Tue, May 14th)
May 142013
 

A vulnerability was discovered using fuzzing in linux kernels 2.6.37 till 3.8.9. The vulenrability requires the kernel to be compiled with PERF_EVENTS, but unfortunately that seems the case for quite some linux distributions. CentOS even backported the vulnerability to 2.6.32.

Impact is local privilege escalation, and exploit code is readily available.

More information: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2094

Hat tip: James for sending us some pointers to this.


Swa Frantzen — Section 66

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Firefox & Thunderbird released, (Tue, May 14th)

 SANS Internet Storm Center, Security Alerts  Comments Off on Firefox & Thunderbird released, (Tue, May 14th)
May 142013
 

Mozilla decided to join the mayhem on Black Tuesday this month and released Firefox and Thunderbird.

This updates to:

  • Firefox 21.0
  • Firefox ESR 17.0.6
  • Thunderbird 17.0.6
  • Thunderbird ESR 17.0.6

Release notes:

https://www.mozilla.org/security/known-vulnerabilities/firefox.html

Security content o fthe updates:

 


Swa Frantzen — Section 66

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Microsoft Windows CVE-2012-1893 Local Privilege Escalation Vulnerability

 Security Alerts  Comments Off on Microsoft Windows CVE-2012-1893 Local Privilege Escalation Vulnerability
Jul 092012
 

Type: Vulnerability. Microsoft Windows is prone to a local privilege-escalation vulnerability; fixes are available.

Microsoft Windows CVE-2012-1890 Local Privilege Escalation Vulnerability

 Security Alerts  Comments Off on Microsoft Windows CVE-2012-1890 Local Privilege Escalation Vulnerability
Jul 092012
 

Type: Vulnerability. Microsoft Windows is prone to a local privilege-escalation vulnerability; fixes are available.

Microsoft Office for Mac Improper Folder Permissions Local Privilege Escalation Vulnerability

 Security Alerts  Comments Off on Microsoft Office for Mac Improper Folder Permissions Local Privilege Escalation Vulnerability
Jul 092012
 

Type: Vulnerability. Microsoft Office for Mac is prone to a local privilege-escalation vulnerability; fixes are available.

%d bloggers like this: