Re: Local information disclosure in apport and systemd-coredump

Threat Score:
43
OSS Security
2 days ago
Re: Local information disclosure in apport and systemd-coredump

Overview

oss-secmailing list archives Re: Local information disclosure in apport and systemd-coredump I see correctly states NetworkManager is "Not affected" (could as well omit it?), but incorrectly states that RHEL9's systemd is also "Not affected" (whereas I've just confirmed that it is indeed affected). Also, as it relates to severity scores for this issue, I think your CVSS vector/score of 4.7 is reasonable - maybe only Attack Complexity should be reduced to Low, but other than that can't argue with...

Related Articles

5 articles
2

DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks

The Hacker News 3 hours ago

A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet calledRapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire attacks targeting victims in over 80 countries since at least 2021. Foltz has been charged with one count of aiding and abettin

Score
82
Read more
3

Microsoft Teams “Couldn’t Connect” Issue After Sidebar Update Gets a Fix

GB Hackers 2 hours ago

Microsoft Teams “Couldn’t Connect” Issue After Sidebar Update Gets a Fix Microsoft is actively rolling out a solution to address a widespread service disruption affecting Teams users globally, where the application displays a “couldn’t connect to this app” error message when attempting to launch either thedesktopor web versions of the collaboration platform. The connectivity problem, officially designated under Microsoft reference TM1131505, originated from a recent interface enhancement update

Score
79
Read more
4
McDonald’s Free Nuggets Hack Exposes Sensitive Customer Data

McDonald’s Free Nuggets Hack Exposes Sensitive Customer Data

GB Hackers 2 hours ago

McDonald’s Free Nuggets Hack Exposes Sensitive Customer Data A security researcher has revealed multiple critical vulnerabilities in McDonald’s digital infrastructure that exposed sensitive customer data and allowed unauthorized access to internal corporate systems. The researcher discovered these flaws over several months, ultimately requiring an unconventional approach to report the issues when traditional security channels proved ineffective. Free Food Exploit Leads to Deeper Investigation Th

Score
79
Read more
5

0-Day Clickjacking Vulnerabilities Found in Major Password Managers like 1Password, LastPass and Others

Cybersecurity News 2 hours ago

A cybersecurity researcher has disclosed zero-day clickjacking vulnerabilities affecting eleven major password managers, potentially exposing tens of millions of users to credential theft through a single malicious click. The research, conducted by security expert Marek Tóth, reveals that attackers can exploit these vulnerabilities to steal credit card details, personal information, login credentials, and even two-factor […]

Score
77
Read more