Webmin, the web-based interface for system administration for Unix and Linux, had a remote code execution vulnerability deliberately introduced into its source code in April 2018. It was only publicised in August 2019 when a zero day exploit was published at DefCon 27. Webmin has been installed over a million times worldwide. The malicious code […]
Webmin utility compromised with deliberate RCE Read More »
A potential remote code execution vulnerability has been discovered in the popular GPL-licensed FTP server ProFTPD ProFTPD is running on over a million servers exposed to the internet. It is included in several Linux distros including Debian, Suse and Ubuntu. The flaw, tracked under CVE-2019-12815 lives in the mod_copy module. The flaw allows an unauthenticated user to
1 million ProFTPD servers vulnerable to RCE Read More »
Researchers have published details of a newly discovered side channel attack they have named RAMBleed RAMbleed is the latest evolution of attacks building on Row Hammer that allow information in one area of physical memory to be influenced by access made to a different but nearby area of physical memory. Because Row Hammer and related methods
RAMbleed – new side channel attack Read More »
The world’s most popular mail server is vulnerable to a remote command execution flaw Exim is the world’s most popular mail server, with 57% of the mail servers connected to the web running Exim (as of June 2019). The vulnerability reported by Qualys (CVE-2019-10149) affects Exim versions 4.87 to 4.91 inclusive running on several Linux
Exim mail server vulnerable to remote command execution Read More »
All Linux kernels prior to 5.0.8 are vulnerable to a race condition vulnerability which can allow remote code execution. The vulnerability in the RDS (Reliable Datagram Socket) module can lead to a use after free condition which can be leveraged to achieve remote code execution by sending specially crafted TCP packets to a vulnerable server.
Linux RCE Kernel vulnerability patched Read More »
In the eternal arms race between malware creators and security vendors, a novel new tactic has emerged. Trend Micro has recently reported that Windows executables (.EXE files) are being created that target non-windows platforms such as MacOS. Because .EXE files are not supported as an executable on MacOS the built in Gatekeeper protection layer in
Novel application package allows Windows malware to target MacOS and Linux Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.