info@unhackable.org Phone: +877 547 3638

Sudo format string vulnerability – affects versions 1.8.0 through 1.8.3p1

Summary: A flaw exists in the debugging code in sudo versions 1.8.0 through 1.8.3p1 that can be used to crash sudo or potentially allow an unauthorized user to elevate privileges. Sudo versions affected: 1.8.0 through 1.8.3p1 inclusive. Older versions of sudo are notaffected. CVE ID: This vulnerability has been assigned CVE 2012-0809 in the Common […]

Read More »

Linux vendors rush to patch privilege escalation flaw after root exploits emerge – affects kernel >=2.6.39

Linux vendors are rushing to patch a privilege escalation vulnerability in the Linux kernel that can be exploited by local attackers to gain root access on the system. The vulnerability, which is identified as CVE-2012-0056, was discovered by Jüri Aedla and is caused by a failure of the Linux kernel to properly restrict access to […]

Read More »

DNSSEC Error Caused NASA Website To Be Blocked

The hazards of early DNSSEC adoption: A misconfiguration in NASA’s Domain Name System Security Extensions (DNSSEC) implementation on its website caused Comcast’s network to block users from the site last week. This is a glaring example of the difficulties in today’s mostly manual process of configuring DNS servers to support the new security protocol that […]

Read More »

Hackers Breached Railway Network, Disrupted Service

Hackers attacked computers at an an unidentified railway company, disrupting railway signals for two days in December, according to a government memo obtained by Nextgov. According to the memo, train service on the unnamed railroad located in the Pacific Northwest “was slowed for a short while” on Dec. 1, and rail schedules were delayed about […]

Read More »