A new vulnerability, CVE-2018-1111, has been recently announced; it allows a malicious DHCP server to send a specially crafted response that can run privileged commands on a DHCP client that is running dhclient. This affects dhclient on both CentOS Linux 6 and CentOS Linux 7 systems. Red Hat have released an update to ...
Security Alerts
CentOS Linux Security Alerts
A new exploitable vulnerability has been found: CVE-2015-7547, a glibc getaddrinfo stack-based buffer overflow. According to the CVE, "A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, ...
CentOS 6 Linux kernel 2.6.32-573.3.1 has recently been released. Update type(s): security and bugfix. Resolved CVEs: CVE-2015-5364, CVE-2015-5366. * When removing a directory, and a reference was held to that directory by a reference to a negative child dentry, the directory dentry was previously not killed. In addition, once the negative child dentry was killed, an unlinked and unused ...
CentOS 6 Linux kernel 2.6.32-504.30.3 has recently been released. Update type(s): security. Resolved CVEs: CVE-2011-5321, CVE-2015-1593, CVE-2015-2830, CVE-2015-2922, CVE-2015-3636. * A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker could use this flaw to crash the system. (CVE-2011-5321, Moderate) * It was found that ...
GHOST Exploit Summary A nasty new remote exploit has been discovered by Qualys. Without going into too much detail, the exploit lies in the gethostbyname function in glibc. This function is used to convert hostnames into IP addresses. More details from Qualys. What versions are affected? All versions of glibc ...
Heartbleed Bug Summary A new bug in OpenSSL has been discovered that allows a remote attacker to access parts of memory on systems using vulnerable versions of OpenSSL (e.g. HTTPS). This can allow an attacker to gain access to private keys, usernames and passwords, and to eavesdrop on encrypted traffic. For more information, ...