Mysql Remote Root Code Execution

Remote Root Code Execution / Databse Privilege Escalation: Severity: Critical CVE-2016-6662 CVE-2016-6663 Privilege Escalation vulnerability is reported. Using this vulnerability, an attacker could execute code with root privileges. Using the REPAIR TABLE SQL statement, which have the lowest privileged users with SELECT/CREATE/INSERT grants, can create a simlink to the database directory( that is /var/lib/mysql). After […]

Dirty COW – Vulnerability Fix

Dirty COW [ CVE-2016-5195 ] COW -> Copy – On – Write Dirty COW is actually an old vulnerability , which has driven back after 10 long years. The issue was first identified by Linus Torvalds and found some difficulties to patch the issue. The vulnerability is also called privilege-escalation vulnerability. In which the normal […]

Wget CVE-2016-4971: Arbitrary File Upload

CVE-2016-4971 [Arbitrary File Upload / Potential Remote Code Execution] Severity: High below 1.8 version. All versions of Wget before the patched version of 1.18 are affected. 1. GNU wget before 1.18 when supplied with a malicious URL (to a malicious or compromised web server) can be tricked into saving an arbitrary remote file supplied by […]

OpenSSL Vulnerabilities fix – CVE-2016-2108

OPENSSL VULNERABILITIES – CVE-2016-2108 & CVE-2016-2107 On 3rd May 2016, OpenSSL released patches for two high severity bugs (CVE-2016-2108 & CVE-2016-2107), and 4 low severity ones.  CVE-2016-2107 is an OpenSSL bug which allows a man-in-the-middle (MITM) attacker to use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the […]

DROWN Vulnerability Fix

General Information regarding DROWN vulnerability Fix On March 1, we have another OpenSSL vulnerability reported: DROWN. Please follow the document to know more about DROWN and DROWN Vulnerability Fix Name: DROWN( Decrypting RSA using Obsolete and Weakened eNcryption.) Type: Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800). Affected services: DROWN is a serious vulnerability that affects HTTPS and other services that […]

glibc version check with ansible

Considering the recent glibc vulnerability, getting details regarding glibc versions can be a bit difficult when you are managing large server clusters with multiple OS versions. Configuration management tools like ansible becomes a real boon in here. For anyone who is not familiar with ansible, take a looks at the ansible intro page for details […]

Critical glibc vulnerability CVE-2015-7547

What’s the glibc getaddrinfo vulnerability? Red Hat has updated details on the vulnerability. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user […]

Hadoop:: The Big Data Boss

Hadoop is a software framework for creating a cluster of servers to handle huge amounts of data which in turn leads it to be called Big Data processing. BigData should be in 3 “V”s, Volume , Velocity and Variety. Volume : The amount of dat generated Velocity : Speed of your data analysing Variety : […]

Docker Tutorial

Docker Tutorial We hope this docker tutorial will help you to understand some more details about docker and its usage. Docker, the word itself gives the whole meaning of the docker system. We know that it is difficult to clone a specific configuration to somewhere else. The docker makes this very simple. Build, Ship, Run!!! […]

Begin typing your search term above and press enter to search. Press ESC to cancel.

Enjoy this blog? Please spread the word :)

Follow by Email
Twitter
Visit Us
Follow Me
LinkedIn
Share
Instagram