Security News #0x40
- Just in time for the final live exercise in my class came news of CVE 2013-2094, a new Linux privilege escalation exploit. Though the exploit-db page lists the exploit as "unverified", there are a number of students in my class who now know that this does work- at least on the CenOS 6.2 x64 systems we used in class. The user spender on Reddit provides some useful technical details. The problem was patched in the kernel last month. As is often the case, Ars Technica provides some perspective, while Andrea Righi has instructions on how to patch a running kernel.
- Microsoft released MS 13-038 to patch last week’s vulnerability CVE 2013-1347 in Internet Explorer 8.
- Did you know that you can use ICMP as a communication method for your shells?
- Netcraft has a nice article on how certificate revokation works (or doesn’t) in practice.