Debian Archives - Help Net Security

Debian

Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)

July 20, 2021

A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been …

RemotePC adds new features for Linux remote access

May 14, 2021

RemotePC has updated their remote access for Linux offering with new features: Linux Remote Sound – enables users to listen to audio files from the remote machine on …

Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)

January 27, 2021

A vulnerability (CVE-2021-3156) in sudo, a powerful and near-ubiquitous open-source utility used on major Linux and Unix-like operating systems, could allow any unprivileged …

Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

July 30, 2020

A vulnerability (CVE-2020-10713) in the widely used GRUB2 bootloader opens most Linux and Windows systems in use today to persistent compromise, Eclypsium researchers have …

Microsoft releases Defender ATP for Android and Linux

June 24, 2020

Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. Microsoft Defender Advanced Threat Protection …

Vulnerability in Qmail mail transport agent allows RCE

May 20, 2020

Qualys researchers have found a way to exploit an previously known (and very old) vulnerability in Qmail, a secure mail transport agent, to achieve both remote code execution …

PPP Daemon flaw opens Linux distros, networking devices to takeover attacks

March 10, 2020

A vulnerability (CVE-2020-8597) in the Point-to-Point Protocol Daemon (pppd) software, which comes installed on many Linux-based and Unix-like operating systems and networking …

Guess what? You should patch Exim again!

October 1, 2019

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by …

Intel MDS attack mitigation: An overview

May 16, 2019

Intel has revealed on Tuesday that some of its CPUs are vulnerable to a number of new speculative execution attacks that may allow attackers to stealing sensitive data and …

Snapd flaw gives attackers root access on Linux systems

February 13, 2019

A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus …

Critical Linux bug opens systems to compromise

November 15, 2016

Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on …

Exploit for GNU wget RCE flaw revealed

July 5, 2016

Technical details about a serious vulnerability affecting all but the latest version of the GNU wget software have been released online, along with PoC exploit scenarios. …

Debian

Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909)

RemotePC adds new features for Linux remote access

Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)

Bug in widely used bootloader opens Windows, Linux devices to persistent compromise

Microsoft releases Defender ATP for Android and Linux

Vulnerability in Qmail mail transport agent allows RCE

PPP Daemon flaw opens Linux distros, networking devices to takeover attacks

Guess what? You should patch Exim again!

Intel MDS attack mitigation: An overview

Snapd flaw gives attackers root access on Linux systems

Critical Linux bug opens systems to compromise

Exploit for GNU wget RCE flaw revealed

Don't miss

CISA launches US federal vulnerability disclosure platform

Gamification can redefine the cybersecurity demo experience

A digital shift requires a new approach to asset management: How to reduce security risks

A look at the 2021 CWE Top 25 most dangerous software weaknesses

New infosec products of the week: July 30, 2021