You are viewing a single comment's thread from:
RE: [SECURITY ALERT] Attention Ubuntu 16.10 and 17.04 users: remote code exploit (RCE) in systemd found
Hey man great post. nice to see more infosec guys here 🐱💻 🐱💻 🐱💻
Check the TCP port also. -sS
In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it
https://www.cvedetails.com/cve/CVE-2017-9445/
http://openwall.com/lists/oss-security/2017/06/27/8
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-9445.html
Updates :)
always be careful on system critical systems 😀 backups😅
$ sudo apt-get update
$ sudo apt-get dist-upgrade
follow me @shifty0g