You are viewing a single comment's thread from:

RE: [SECURITY ALERT] Attention Ubuntu 16.10 and 17.04 users: remote code exploit (RCE) in systemd found

in #security7 years ago

Hey man great post. nice to see more infosec guys here 🐱‍💻 🐱‍💻 🐱‍💻

Check the TCP port also. -sS

In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it

https://www.cvedetails.com/cve/CVE-2017-9445/
http://openwall.com/lists/oss-security/2017/06/27/8
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-9445.html

Updates :)

always be careful on system critical systems 😀 backups😅
$ sudo apt-get update
$ sudo apt-get dist-upgrade

follow me @shifty0g

7 years ago in #security by
$0.07
  • Past Payouts $0.07, 0.00 TRX
  • - Author $0.05, 0.00 TRX
  • - Curators $0.02, 0.00 TRX
1 vote
Reply 0

Coin Marketplace

STEEM 0.17
TRX 0.16
JST 0.029
BTC 60412.47
ETH 2375.47
USDT 1.00
SBD 2.62