Warning new easily exploitable #Linux #vulnerability account with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly. #cybersecurity #news #security #Vulnerability #highrisk https://lnkd.in/erkdPN8
-
Show this thread
-
Replying to @FrankSEC42
And where might one see a UID in the wild that is accidentally larger than 2147483647? Or an environment where an attacker can create such an account without already having privileges?
1 reply 0 retweets 4 likes -
This Tweet is unavailable.
Replying to @unixgoddesskate @FrankSEC42
An RPM, which requires root privileges to install, can just natively do whatever the hell it wants. As root. Sure, maybe it's more subtle to create a high UID, and then indirectly exploit that later. But malicious RPMs have always had the ability to do bad stuff.
7:11 AM - 10 Dec 2018
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.