Security Leftovers
-
Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog [Ed: Microsoft Windows TCO]
Cybersecurity researchers have disclosed details about a pair of vulnerabilities in Microsoft Windows, one of which could be exploited to result in a denial-of-service (DoS).
The exploits, dubbed LogCrusher and OverLog by Varonis, take aim at the EventLog Remoting Protocol (MS-EVEN), which enables remote access to event logs.
-
CISA: Urgent patching needed for actively exploited Linux kernel flaw [Ed: That's just privilege escalation and it was patched ages ago; seems like alarmism to help distract from vastly more severe issues in Windows (actively exploited and not patched by the vendor, Microsoft)]]
Linux-based IoT devices and endpoints have been targeted by the Shikitega malware, which abuses CVE-2021-3493 and CVE-2021-4034, also known as PwnKit, to facilitate privilege escalation. However, only Ubuntu has so far been observed to be impacted by the Linux kernel vulnerability.
-
Security updates for Tuesday [LWN.net]
Security updates have been issued by Debian (libbluray and wkhtmltopdf), Fedora (firefox, libksba, libmodsecurity, libxml2, qemu, and xmlsec1), Red Hat (389-ds-base, 389-ds:1.4, git-lfs, gnutls, java-1.8.0-ibm, kernel, kernel-rt, kpatch-patch, libksba, mysql:8.0, pki-core, postgresql:12, samba, sqlite, and zlib), Scientific Linux (389-ds-base, libksba, and pki-core), SUSE (bluez, firefox, jdom, kernel, libosip2, libxml2, multipath-tools, and python-Mako), and Ubuntu (barbican, mysql-5.7, mysql-8.0, openvswitch, and pillow).
-
Delta Electronics InfraSuite Device Master | CISA [Ed: Severity 9.8 out of 10]
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to remotely execute code, cause a denial-of-service condition by remotely deleting files or changing group privileges, or remotely read and write files, all with local administrator privileges.