Researchers at Sucuri revealed that applications such as WordPress that support PHP could also be subject to the Ghost vulnerability in glibc.
Tag Archives: Vulnerabilities
Schneider Electric Patches Buffer Overflow in ICS Products
There is a remotely exploitable buffer overflow in a handful of software products from Schneider Electric that could allow an attacker to execute arbitrary code on vulnerable machines. The vulnerability lies in a DLL that’s installed with a Device Type Manager that is part of several Schneider products, including the Unity Pro development software, the […]
GitHub Doubles Down on Maximum Bug Bounty Payouts
GitHub announced that it has doubled the maximum payouts possible via its bug bounty program to $10,000.
Over 5,000 US gas stations vulnerable to remote hacks
Around 5,300 gas stations in the United States could be vulnerable to a remote cyberattack on the automated tank gauges, causing the pumps to flag alerts or even shut down
The post Over 5,000 US gas stations vulnerable to remote hacks appeared first on We Live Security.
Of Ghost glibc Vulnerability Patching and Exploits
Experts urge system administrators to patch the Ghost vulnerability in glibc immediately, but counter that as well that exploiting the bug may be challenging.
FreeBSD Patches Code Execution, Memory Corruption Bugs
FreeBSD has patched a handful of vulnerabilities in its kernel code that could have enabled an attacker to crash the system, execute arbitrary code, or disclose sensitive kernel memory.
NFL Mobile App Leaks Unencrypted Credentials
The National Football League’s NFL Mobile application leaks unencrypted credentials putting personal user information at risk.
GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems
A critical remote code execution vulnerability in the GNU C library glibc affects all Linux systems going back to 2000.
Analysis of Flash Zero Day Shows Layers of Obfuscation
The Flash zero day that made its way into the Angler exploit kit was wrapped in multiple layers of obfuscation and has the ability to inject its malicious payload straight into users’ browsers. In the last week, since the news broke of the Adobe Flash zero-day flaw appearing in the Angler kit, security researchers have […]
Android Wi-Fi Direct Vulnerability Details Disclosed
Core Security disclosed details on an Android Wi-Fi Direct denial of service vulnerability after Google said it had no timeline to patch the issue. The two sides also disagreed on the severity of the flaw.