Category Archives: Full Disclosure

Cross-Site Scripting in All In One WP Security & Firewall WordPress Plugin

Posted by Summer of Pwnage on Nov 16

————————————————————————
Cross-Site Scripting in All In One WP Security & Firewall WordPress
Plugin
————————————————————————
Yorick Koster, July 2016

————————————————————————
Abstract
————————————————————————
A Cross-Site Scripting vulnerability was…

Nginx (Debian-based distros) – Root Privilege Escalation Vulnerability (CVE-2016-1247)

Posted by Dawid Golunski on Nov 16

Vulnerability: Nginx (Debian-based distros) – Root Privilege
Escalation (CVE-2016-1247)

Discovered by: Dawid Golunski (@dawid_golunski)
https://legalhackers.com

Nginx web server packaging on Debian-based distributions such as Debian or
Ubuntu was found to create log directories with insecure permissions which
can be exploited by malicious local attackers to escalate their privileges
from nginx/web user (www-data) to root.
The vulnerability…

New VMSA-2016-0020 – VMware product updates address multiple information disclosure issues

Posted by VMware Security Response Center on Nov 15

————————————————————————
VMware Security Advisory

Advisory ID: VMSA-2016-0020
Severity: Important
Synopsis: vRealize Operations update addresses REST API
deserialization vulnerability
Issue date: 2016-11-15
Updated on: 2016-11-15 (Initial Advisory)
CVE number: CVE-2016-7462

1. Summary

vRealize Operations update addresses REST API…

CVE-2016-4484: – Cryptsetup Initrd root Shell

Posted by Hector Marco on Nov 15

Hello All,

Affected package
—————-
Cryptsetup <= 2:1

CVE-ID
——
CVE-2016-4484

Description
———–
A vulnerability in Cryptsetup, concretely in the scripts that unlock the
system partition when the partition is ciphered using LUKS (Linux
Unified Key Setup).

This vulnerability allows obtaining a root initramfs shell on affected
systems. The vulnerability is very reliable because it doesn’t depend on
specific systems or…

OS-S 2016-21 – Local DoS: Linux Kernel Nullpointer Dereference via keyctl

Posted by Ralf Spenneberg on Nov 15

OS-S Security Advisory 2016-21
Local DoS: Linux Kernel Nullpointer Dereference via keyctl

Date:
October 31st, 2016
Authors:
Sergej Schumilo, Ralf Spenneberg, Hendrik Schwartke
CVE:
Not yet assigned
CVSS:
4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Severity:
Potentially critical. If the kernel is compiled with the option
“Panic-On-Oops”, this vulnerability may lead to a kernel panic.
Ease of Exploitation:
Trivial
Vulnerability Type:
Local unprivileged…

OS-S 2016-22 – Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read

Posted by Ralf Spenneberg on Nov 15

OS-S Security Advisory 2016-22
Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read

Date:
October 31st, 2016
Authors:
Sergej Schumilo, Ralf Spenneberg
CVE:
Not yet assigned
CVSS:
4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)
Severity:
Critical
Ease of Exploitation:
Trivial
Vulnerability Type:
Memory Corruption / SLAB-Out-of-Bounds Read

Abstract:
Mounting a crafted EXT4 image read-only leads to a memory corruption and
SLAB-Out-of-Bounds…

Microsoft Edge edgehtml CAttrArray::Destroy use-after-free details

Posted by Berend-Jan Wever on Nov 15

Throughout November, I plan to release details on vulnerabilities I
found in web-browsers which I’ve not released before. This is the
eleventh entry in that series. Unfortunately I won’t be able to publish
everything within one month at the current rate, so I may continue to
publish these through December and January.

The below information is available in more detail on my blog at
http://blog.skylined.nl/20161115001.html.

Follow me on…