Critical Vulnerabilities Impact WordPress and More

Samba Bugs Allows Remote Attackers

Description:

All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit.

VFS module provides enhanced compability with Apple SMB clients and interoperability with a Netatalk 3 AFS fileserver.

Impact: 

Allows attackers for remote code execution.

Source:   

New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root (thehackernews.com)

Suggestions:

Local Privilege Escalation in Polkit’s pkexec utility

Description:

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Impact:

The vulnerability allows an attacker to gain administrative privileges.

Source:

Local privilege escalation vulnerability found on ‘polkit’ program found on every Linux variant (scmagazine.com)

Suggestions:

Strongly recommended to update the polkit packages once it is available. The mitigation can be found RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034) Red Hat Customer Portal.

Critical Vulnerability Impact 600 k WordPress Sites

Description:

Essential Addons for Elementor, a popular WordPress plugin has been found to have a critical remote code execution vulnerability in version 5.0.4 and older. Essential Addons for Elementor provides WordPress site admins with more than 80 elements and extensions to help them easily design WordPress pages and posts. The flaw allows an unauthenticated user to perform a local file inclusion attack.

Impact:

Allows any user to perform a local file inclusion attack, regardless of their authentication or authorization level.

Source:

600K WordPress sites impacted by critical plugin RCE vulnerability (bleepingcomputer.com)

Suggestions:

Strongly recommended to update the plugins.

Monal Tech, Arjun Aryal 14 February, 2022
Share this post
Archive
Sign in to leave a comment

Zero-Day Exploit on Zimbra Used For Spying
Critical Vulnerabilities and Phising