Forwarded from CTF Community | Hints
Potential bypass of Runas user restrictions
Release Date:
October 14, 2019
Summary:
When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.
This can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification.
@ctfplay
Log entries for commands run this way will list the target user as 4294967295 instead of root. In addition, PAM session modules will not be run for the command.
Sudo versions affected:
Sudo versions prior to 1.8.28 are affected.
CVE ID:
This vulnerability has been assigned CVE-2019-14287 in the Common Vulnerabilities and Exposures database.
Ref:
https://www.sudo.ws/alerts/minus_1_uid.html
https://access.redhat.com/security/cve/cve-2019-14287
#News
#Linux
@ctfplay
Release Date:
October 14, 2019
Summary:
When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.
This can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification.
@ctfplay
Log entries for commands run this way will list the target user as 4294967295 instead of root. In addition, PAM session modules will not be run for the command.
Sudo versions affected:
Sudo versions prior to 1.8.28 are affected.
CVE ID:
This vulnerability has been assigned CVE-2019-14287 in the Common Vulnerabilities and Exposures database.
Ref:
https://www.sudo.ws/alerts/minus_1_uid.html
https://access.redhat.com/security/cve/cve-2019-14287
#News
#Linux
@ctfplay
Sudo
Potential bypass of Runas user restrictions
When sudo is configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, it is possible to run commands as root by specifying the user ID -1 or 4294967295.
This can be used by a user with sufficient sudo privileges…
This can be used by a user with sufficient sudo privileges…
Researcher released PoC exploit code for CVE-2019-2215 Android zero-day flaw
https://ift.tt/33Fa8TX
https://ift.tt/33Fa8TX
Freshly patched RCE in PHP-FPM:
https://bugs.php.net/bug.php?id=78599
Exploit:
https://github.com/neex/phuip-fpizdam
Many nginx+PHP configurations vulnerable, watch out!
https://bugs.php.net/bug.php?id=78599
Exploit:
https://github.com/neex/phuip-fpizdam
Many nginx+PHP configurations vulnerable, watch out!
GitHub
GitHub - neex/phuip-fpizdam: Exploit for CVE-2019-11043
Exploit for CVE-2019-11043. Contribute to neex/phuip-fpizdam development by creating an account on GitHub.
A flaw in PMx Driver can give hackers full access to a device
https://ift.tt/2pc7w1k
https://ift.tt/2pc7w1k
Security Affairs
A flaw in PMx Driver can give hackers full access to a device
Eclypsium experts found a vulnerability affecting a popular Intel driver that can give malicious actors deep access to a device.
Exploiting Intel’s Management Engine – Part 1: Understanding PT’s TXE PoC (INTEL-SA-00086)
https://ift.tt/2CJlWsY
https://ift.tt/2CJlWsY
New Hacking Group Using Metasploit To Install Backdoor Malware On Windows By Exploiting MS Office
https://gbhackers.com/new-hacking-group/
https://gbhackers.com/new-hacking-group/
GBHackers On Security
New Hacking Group Install Backdoor On Windows By Exploiting MS Office
Researchers detect a wave of malware campaigns from a new hacking group named TA2101 that targeting various organizations in German and Italy.
Introducing Merlin — A cross-platform post-exploitation HTTP/2 Command & Control Tool
https://ift.tt/2oLAhRp
https://ift.tt/2oLAhRp
Medium
Introducing Merlin — A cross-platform post-exploitation HTTP/2 Command & Control Tool
tl;dr Evade network detection during a penetration test/red team exercise by using a protocol that existing tools aren’t equipped to…
HackerOne is looking for Mobile Security Engineer
//I would never thought I would post job offere in here, but this might help someone to move further in Mobile infosec field
https://jobs.lever.co/hackerone/316d0fbd-cf24-41be-a3e2-5180f62f3658
//I would never thought I would post job offere in here, but this might help someone to move further in Mobile infosec field
https://jobs.lever.co/hackerone/316d0fbd-cf24-41be-a3e2-5180f62f3658
Android StrandHogg vulnerability
Vulnerability allows malicious app to masquerade as any other app on the device.
So, if you launch Facebook, malware is executed.
https://promon.co/security-news/strandhogg/
Video demo: https://twitter.com/LukasStefanko/status/1201597521560244225
Vulnerability allows malicious app to masquerade as any other app on the device.
So, if you launch Facebook, malware is executed.
https://promon.co/security-news/strandhogg/
Video demo: https://twitter.com/LukasStefanko/status/1201597521560244225