So the Internet exploded this week with news of a pretty serious glibc exploit, something that everyone pays attention to as every Linux server uses this library and in some cases it can yield remote code execution. In basic terms the glibc DNS client (libresolv) is vulnerable to a stack-based buffer overflow when the getaddrinfo() […]
hacking-linux
Linux.Darlloz Worm Targets x86 Linux PCs & Embedded Devices
So this is not a particularly technical source article, but it looks fairly interesting and I haven’t heard of this Linux.Darlloz worm before, so it might be new to some of you too. Seems like it’s going after old php-cgi installs, which are very common on embedded systems (routers/pos systems/stbs etc). The vulnerability being used […]
Lynis 1.2.6 Released – UNIX System & Security Auditing Tool
[ad] Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems. […]
WabiSabiLabi Pimping ClamAV Vulnerability & Exploit
[ad] Interesting, a new arena for marketing spin and sales talk – the auctioning of exploits. WabiSabiLabi is pushing hard for a good price for a ClamAV vulnerability and exploit that it has gotten hold of, it’s dosing it up with a good portion of spin to make it seem like the next big thing […]
Some Guidelines on How to Secure your Ubuntu Installation
[ad] Since Ubuntu is getting so fantastically popular nowadays I thought this might be useful to some of you. I personally think Ubuntu is great, the features, ease of installation, stability and especially the work they have done on things like wireless drivers make it a breeze to get up and running. It is a […]