Popular Linux distributions are vulnerable to drive-by attacks.

PoC exploits have been prepared that demonstrate the vulnerability of media players.

In November of this year, security researcher Chris Evans presented a method of compromising Linux by exploiting vulnerabilities in the GStreamer plugin, which ships with most Linux distributions. The expert has now described two more vulnerabilities that allow a drive-by attack against the combination of Fedora 25 and Chrome.

As in the previous case, the issues Evans identified are closely tied to GStreamer. The researcher prepared two PoC exploits demonstrating the vulnerability of media players. One of the exploits uses a vulnerability in the library known as libgme (Game Music Emu). The audio files the expert created are in the SPC format, used in Super Nintendo Entertainment System consoles since the late 1990s. Both files exploit a buffer overflow vulnerability in the emulator of the Sony SPC700 sound processor. As explained, if the .spc extension is changed to .flac and .mp3, GStreamer and Game Music Emu will open the files automatically.

The malicious .flac works as a drive-by attack when a victim using Fedora 25 and Google Chrome visits a specially crafted web page. To demonstrate the exploit, Evans launched a calculator, but an attacker could download and execute any code with the privileges of the current user. Although the average user does not have superuser rights, the exploit can still view and steal the victim's personal data, cookies, and session data for Gmail, Facebook, Twitter and other sites.

The second exploit is packaged as a file with the .mp3 extension and allows arbitrary code execution when the file is copied to the desktop or when the directory containing it is opened in a file manager. In the video, Evans demonstrated the attack on Ubuntu 16.04 LTS; the technique will most likely also work on Fedora and other Linux distributions, although the expert has not verified this in practice.
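Because both files reach libgme only through content detection that ignores the .flac/.mp3 name, a defender can flag audio files whose leading bytes disagree with their extension. The following is an added example, not code from the article or from Evans; the function names and the sample files are constructed for illustration, and the magic-byte checks are a heuristic.

```python
import os
import tempfile

SPC_MAGIC = b"SNES-SPC700 Sound File Data"  # start of an SPC file header
EXPECTED = {".flac": "flac", ".mp3": "mp3"}  # extension -> expected content


def sniff(head):
    """Classify a file by its leading bytes, ignoring its name (heuristic)."""
    if head.startswith(SPC_MAGIC):
        return "spc"
    if head.startswith(b"fLaC"):
        return "flac"
    # MP3: ID3v2 tag, or an MPEG audio frame sync (11 set bits)
    if head.startswith(b"ID3") or (
        len(head) >= 2 and head[0] == 0xFF and head[1] & 0xE0 == 0xE0
    ):
        return "mp3"
    return "unknown"


def find_mismatches(root):
    """Return (file name, sniffed type) for audio files that are not what they claim."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            ext = os.path.splitext(name)[1].lower()
            if ext not in EXPECTED:
                continue
            try:
                with open(os.path.join(dirpath, name), "rb") as fh:
                    kind = sniff(fh.read(64))
            except OSError:
                continue  # unreadable file: skip rather than abort the scan
            if kind != EXPECTED[ext]:
                hits.append((name, kind))
    return hits


def demo():
    """Build constructed sample files in a temp directory and scan them."""
    spc = SPC_MAGIC + b" v0.30\x1a\x1a" + b"\x00" * 16  # constructed, harmless
    samples = {"song.flac": b"fLaC" + b"\x00" * 16, "track.mp3": b"ID3\x03\x00",
               "renamed.flac": spc, "renamed.mp3": spc}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return find_mismatches(d)


if __name__ == "__main__":
    for name, kind in demo():
        print(f"{name}: extension does not match content ({kind})")
```

A hit on `spc` under a .flac or .mp3 name is the pattern described above; `unknown` hits need manual review, since legitimate files with unusual leading bytes also land there.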

Source: securitylab.ru
