A critical 17-year-old remote code execution bug was discovered in pppd (Point to Point Protocol Daemon). PPPD is used to manage network connections between two nodes on Unix-like operating systems and is responsible for managing PPP session establishment and session termination. The vulnerability, tracked as CVE-2020-8597, is a flaw in the Extensible Authentication Protocol (EAP) […]

Read More →

A new vulnerability was discovered in the sudo utility which allows an unprivileged user to gain root privileges without authentication. CVE-2019-18634 is classified as Stack-based Buffer Overflow(CWE-121). This flaw affects all Unix-like operating systems and is prevalent only when the ‘pwfeedback’ option is enabled in the sudoers configuration file. pwfeedback provides visual feedback(* for every […]

Read More →

A highly critical vulnerability has been found in glibc, the GNU C library, which affects all Linux systems on glibc version 2.2 dating back to the year 2000. The vulnerability, with CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Read More.   It affects virtually all Linux-based software that […]

Read More →

A critical vulnerability is discovered in GNU C Library (glibc). The GNU C Library, commonly known as glibc, is the GNU Project’s implementation of the C standard library and a core part of the Linux operating system. GNU C Library (glibc) is used in most of the Linux distributions, which is prone to a heap-based […]

Read More →