Nov 16, 2016
In the not so distant past, I wrote a short article once per week about some of the more interesting Information Security news items for a tech website. I'm gonna do the same here, it keeps me interested in the news and forces me to think about some of the items critically.
With physical access to a machine that encrypts its rootfs with LUKS, after a set number of failed attempts, it's possible to drop to a root shell on the system. This would allow an attacker to either brute force the encryption passphrase, or make a copy of the drive without having to remove it.
1: https://bugzilla.redhat.com/show_bug.cgi?id=1395134
2: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484
On debian based systems, the packaged version of nginx had log files owned by root. It is then possible to symlink this file to another abitrary file (through a compromised web application say) so that upon the logs being rotated said file is written to. Via this it's possible to escalate from the www-data to root.
TAGS:infosec