Tag: Computer memory
Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021
A vulnerability in the command line parameter parsing code of Sudo could allow an authenticated, local attacker to execute commands or binaries with root privileges.
The vulnerability is due to improper parsing of command line parameters that may result in a heap-based buffer overflow. An attacker could exploit this vulnerability by accessing a Unix shell on an affected device and then invoking the sudoedit command with crafted parameters or by executing a binary exploit. A successful exploit could allow the attacker to execute commands or binaries with root privileges.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM
Security Impact Rating: High
CVE: CVE-2021-3156
Related:
Machine learning adversarial attacks are a ticking time bomb
Related:
How to Source Vulnerability Data for True DevSecOps
Related:
Cisco AMP for Endpoints Linux Connector and AMP for Endpoints Mac Connector Software Memory Buffer Vulnerability
A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device.
The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an affected device. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash and restart.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-amp4elinux-h33dkrvb
Security Impact Rating: Medium
CVE: CVE-2020-3343,CVE-2020-3344
Related:
Target Device running on VM Ware Hypervisor going into a Hung state with Event – Too many retries Initiate reconnect
1. Logon to the ESXi host and start ESXTOP.
2. Now press “n” for network and ‘t’ to order them.
3. Note down the nine digit Port Number and the Internal vSwitch name, Like – 33554464 and DvsPortset-0.
4. Then run the vsish internal debugging shell to get the statistics report from the VMXNet3 adapter:
[root@esx0:~] vsish -e get /net/portsets/vSwitch0/ports/33554464/vmxnet3/rxSummary
stats of a vmxnet3 vNIC rx queue {
LRO pkts rx ok:50314577
LRO bytes rx ok:1670451542658
pkts rx ok:50714621
bytes rx ok:1670920359206
unicast pkts rx ok:50714426
unicast bytes rx ok:1670920332742
multicast pkts rx ok:0
multicast bytes rx ok:0
broadcast pkts rx ok:195
broadcast bytes rx ok:26464
running out of buffers:10370
pkts receive error:0
# of times the 1st ring is full:7086
# of times the 2nd ring is full:3284
fail to map a rx buffer:0
request to page in a buffer:0
# of times rx queue is stopped:0
failed when copying into the guest buffer:0
# of pkts dropped due to large hdrs:0
# of pkts dropped due to max number of SG limits:0
}
Above values indicate that the ring buffer is over flowing.