Unix | Cyber Security Review

CVE-2020-17051: Remote kernel heap overflow in NFSv3 Windows Server

Posted onNovember 10, 2020November 16, 2020

Microsoft released a patch today for a critical vulnerability (CVE-2020-17051) in the Windows NFSv3 (Network File System) server. NFS is typically used in heterogenous environments of Windows and Unix/Linux for file sharing. The vulnerability can be reproduced to cause an Read More …

New vulnerability lets attackers sniff or hijack VPN connections

Posted onDecember 5, 2019December 6, 2019

Academics have disclosed this week a security flaw impacting Linux, Android, macOS, and other Unix-based operating systems that allows an attacker to sniff, hijack, and tamper with VPN-tunneled connections. The vulnerability — tracked as CVE-2019-14899 — resides in the networking Read More …