Telegram Group & Telegram Channel
Forwarded from AIGC
本地权限提升漏洞影响 needrestart 工具

Qualys 安全公告指出,needrestart 工具中存在多个本地权限提升漏洞(LPE),这些漏洞允许任何非特权用户获得 root 权限。needrestart 是一个 Perl 工具,自 Ubuntu Server 21.04 版本起默认安装,用于检查系统或服务是否需要重启。

主要漏洞包括:
1. CVE-2024-48990 和 CVE-2024-48992:攻击者可以通过控制 PYTHONPATH 或 RUBYLIB 环境变量,诱使 needrestart 运行 Python 或 Ruby 解释器,从而执行任意代码。
2. CVE-2024-48991
:攻击者可以通过竞争条件,诱使 needrestart 运行攻击者伪造的 Python 解释器。
3. CVE-2024-10224 和 CVE-2024-11003
:攻击者可以通过控制文件名,诱使 needrestart 调用 Perl 的 ScanDeps 模块时执行任意 shell 命令。

这些漏洞自 needrestart 0.8 版本(2014年4月)引入解释器支持以来就已存在。目前,Qualys 不会公开其利用代码,但警告其他研究人员可能会在协调发布后不久公开有效的利用方法。

缓解措施:

建议在 needrestart 配置中禁用解释器扫描功能:
$nrconf{interpscan} = 0;


原文链接:
Qualys Security Advisory

标签:
#安全漏洞 #Ubuntu #needrestart #LPE

#AIGC



group-telegram.com/billchenla/19763
Create:
Last Update:

本地权限提升漏洞影响 needrestart 工具

Qualys 安全公告指出,needrestart 工具中存在多个本地权限提升漏洞(LPE),这些漏洞允许任何非特权用户获得 root 权限。needrestart 是一个 Perl 工具,自 Ubuntu Server 21.04 版本起默认安装,用于检查系统或服务是否需要重启。

主要漏洞包括:
1. CVE-2024-48990 和 CVE-2024-48992:攻击者可以通过控制 PYTHONPATH 或 RUBYLIB 环境变量,诱使 needrestart 运行 Python 或 Ruby 解释器,从而执行任意代码。
2. CVE-2024-48991
:攻击者可以通过竞争条件,诱使 needrestart 运行攻击者伪造的 Python 解释器。
3. CVE-2024-10224 和 CVE-2024-11003
:攻击者可以通过控制文件名,诱使 needrestart 调用 Perl 的 ScanDeps 模块时执行任意 shell 命令。

这些漏洞自 needrestart 0.8 版本(2014年4月)引入解释器支持以来就已存在。目前,Qualys 不会公开其利用代码,但警告其他研究人员可能会在协调发布后不久公开有效的利用方法。

缓解措施:

建议在 needrestart 配置中禁用解释器扫描功能:

$nrconf{interpscan} = 0;


原文链接:
Qualys Security Advisory

标签:
#安全漏洞 #Ubuntu #needrestart #LPE

#AIGC

BY 咕 Billchen 咕 |


Warning: Undefined variable $i in /var/www/group-telegram/post.php on line 260

Share with your friend now:
group-telegram.com/billchenla/19763

View MORE
Open in Telegram


Telegram | DID YOU KNOW?

Date: |

Emerson Brooking, a disinformation expert at the Atlantic Council's Digital Forensic Research Lab, said: "Back in the Wild West period of content moderation, like 2014 or 2015, maybe they could have gotten away with it, but it stands in marked contrast with how other companies run themselves today." Pavel Durov, a billionaire who embraces an all-black wardrobe and is often compared to the character Neo from "the Matrix," funds Telegram through his personal wealth and debt financing. And despite being one of the world's most popular tech companies, Telegram reportedly has only about 30 employees who defer to Durov for most major decisions about the platform. READ MORE Telegram was co-founded by Pavel and Nikolai Durov, the brothers who had previously created VKontakte. VK is Russia’s equivalent of Facebook, a social network used for public and private messaging, audio and video sharing as well as online gaming. In January, SimpleWeb reported that VK was Russia’s fourth most-visited website, after Yandex, YouTube and Google’s Russian-language homepage. In 2016, Forbes’ Michael Solomon described Pavel Durov (pictured, below) as the “Mark Zuckerberg of Russia.” The channel appears to be part of the broader information war that has developed following Russia's invasion of Ukraine. The Kremlin has paid Russian TikTok influencers to push propaganda, according to a Vice News investigation, while ProPublica found that fake Russian fact check videos had been viewed over a million times on Telegram.
from ru


Telegram 咕 Billchen 咕 |
FROM American