New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Unauthenticated RCE for all Linux, 9.9 severity. No fix available.
- Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago.
- Still no working fix.
- Attack complexity: low
- Privileges required: none
- User interaction: none
Seems like this isn't like spectre or meltdown where you needed nation state hackers to have a chance of exploiting it.
https://threadreaderapp.com/thread/1838169889330135132.html
What do you guys think this is? Anyone worried? Any ideas what this might be? Are you ready to reboot all your servers?
Comments
Mentally strong people power off the server to avoid all vulnerabilities.
Or use IPv6
Since nobody's using it it's basically a local network with no outside access
Very safe
facts. I do the same.
You too late my dude.
https://lowendtalk.com/discussion/198013/unauthenticated-rce-on-every-linux-system-take-it-with-a-grain-of-salt-but-read-up#latest
/thread