Samba Bugs Allows Remote Attackers
Description:
All versions of Samba prior to 4.13.17 are vulnerable to an out-of-bounds heap read write vulnerability that allows remote attackers to execute arbitrary code as root on affected Samba installations that use the VFS module vfs_fruit.
VFS module provides enhanced compability with Apple SMB clients and interoperability with a Netatalk 3 AFS fileserver.
Impact:
Allows attackers for remote code execution.
Source:
New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root (thehackernews.com)
Suggestions:
- Samba has released the patch addressing the issue. The source code for the patch can be found at Samba - Security Updates and Information.
- You can also disable vfs_fruit module.
Local Privilege Escalation in Polkit’s pkexec utility
Description:
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according to predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
Impact:
The vulnerability allows an attacker to gain administrative privileges.
Source:
Suggestions:
Strongly recommended to update the polkit packages once it is available. The mitigation can be found RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034) Red Hat Customer Portal.
Critical Vulnerability Impact 600 k WordPress Sites
Description:
Essential Addons for Elementor, a popular WordPress plugin has been found to have a critical remote code execution vulnerability in version 5.0.4 and older. Essential Addons for Elementor provides WordPress site admins with more than 80 elements and extensions to help them easily design WordPress pages and posts. The flaw allows an unauthenticated user to perform a local file inclusion attack.
Impact:
Allows any user to perform a local file inclusion attack, regardless of their authentication or authorization level.
Source:
600K WordPress sites impacted by critical plugin RCE vulnerability (bleepingcomputer.com)
Suggestions:
Strongly recommended to update the plugins.