{"vulnerability": "CVE-2023-4911", "sightings": [{"uuid": "5e181e0d-1354-47b9-9a17-6eb34de1ef1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-21T18:10:02.000000Z"}, {"uuid": "3db7f3e3-aeab-4226-849c-63dcf0d7f291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/4afe8f7d-ae7a-40d0-868a-7c6878f2a87e", "content": "", "creation_timestamp": "2023-11-07T15:38:29.000000Z"}, {"uuid": "536c941e-87e4-4d0d-85d6-026c70227fe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971926", "content": "", "creation_timestamp": "2024-12-24T20:35:44.062128Z"}, {"uuid": "2c92c863-973d-41be-8ff9-4a61f8f72311", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:58.000000Z"}, {"uuid": "0447560e-c4f0-4e99-b946-3376ab30ae80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://gist.github.com/tradebot-elastic/0443cfb5016bed103f1940b2f336e45a", "content": "", "creation_timestamp": "2025-01-09T15:31:50.000000Z"}, {"uuid": "1b521eae-3e35-4bde-acce-970cacfeeef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2023-4911", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "5e1e9ef3-4f7f-4efb-8618-36c96938e0dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:49.000000Z"}, {"uuid": "4c50d224-3040-4d64-9770-fd09018ec590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3m3kpzig3zs2i", "content": "", "creation_timestamp": "2025-10-19T16:31:16.569123Z"}, {"uuid": "9135eb48-f402-4f1f-b266-7bf80296a08c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "f77c0605-3da6-4142-8510-cf5a93bcabdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:50.000000Z"}, {"uuid": "6469af86-1d4f-4ec8-a3d3-4c31f14d8f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "d1bcf361-0e12-4d9d-8113-c474fb0a0172", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/glibc_tunables_priv_esc.rb", "content": "", "creation_timestamp": "2023-12-20T19:21:40.000000Z"}, {"uuid": "af981cb4-364d-4537-8e1b-10804ad2ab9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://bsky.app/profile/exploitdb-bot.bsky.social/post/3mel7tppqlf2p", "content": "", "creation_timestamp": "2026-02-11T10:01:07.471479Z"}, {"uuid": "d53eaf75-aa99-4761-a73a-91f9538e1b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5408", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC for CVE-2023-4911 LooneyTuneables\nURL\uff1ahttps://github.com/guffre/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-14T02:33:41.000000Z"}, {"uuid": "4810dfba-5209-4dfe-b524-f79264fd7abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3meovccq2tv2k", "content": "", "creation_timestamp": "2026-02-12T21:03:13.190439Z"}, {"uuid": "88865434-e898-4ccd-a6c0-ebc3b34ec24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-4911", "type": "seen", "source": 
"https://vulnerability.circl.lu/bundle/92582bf5-d92c-47fe-b891-656d271bbfef", "content": "", "creation_timestamp": "2024-10-14T15:50:35.983245Z"}, {"uuid": "84fed991-a657-4783-afeb-bd8cbe0836e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/592b525e-7883-444e-b2e9-359de1814d5f", "content": "", "creation_timestamp": "2026-02-02T12:26:45.671500Z"}, {"uuid": "aa7b1e3c-6d5d-4865-a973-9b01cc5d3f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/97", "content": "\u26a1\ufe0fLooney Tunables: PoC\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442:\nhttps://github.com/leesh3288/CVE-2023-4911\n\n#cve #exploit #privesc", "creation_timestamp": "2023-10-04T18:19:09.000000Z"}, {"uuid": "5fdfbb28-8e5f-4dce-b76b-6eaf422bd593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5278", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-4911 proof of concept\nURL\uff1ahttps://github.com/RickdeJager/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-04T16:23:12.000000Z"}, {"uuid": "67751f50-03e8-4261-8ba0-7252b1e4bab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": 
"https://t.me/GithubRedTeam/5274", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC for CVE-2023-4911\nURL\uff1ahttps://github.com/leesh3288/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-04T14:21:46.000000Z"}, {"uuid": "74cbdd1f-145a-4d86-b0de-cea8e53f7ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://infosec.exchange/users/certvde/statuses/116158292538427831", "content": "", "creation_timestamp": "2026-03-02T07:01:24.244332Z"}, {"uuid": "cf6bcd88-8a03-48ef-b445-24671d23b086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://gist.github.com/Metis-Intel/b94dbfe682c0d50d18e127d4891208cb", "content": "", "creation_timestamp": "2025-12-16T03:39:35.000000Z"}, {"uuid": "e251d583-1ae8-4417-8ed6-042c06832c80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11719", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 PoC of CVE-2023-4911 \"Looney Tunables\".\n\nhttps://github.com/leesh3288/CVE-2023-4911\n\nhttps://github.com/RickdeJager/CVE-2023-4911", "creation_timestamp": "2023-10-13T08:52:19.000000Z"}, {"uuid": "26c8ba51-48c9-43a9-858c-01bcb746ca34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5349", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 
\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-4911\nURL\uff1ahttps://github.com/silent6trinity/looney-tuneables\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-10T13:38:49.000000Z"}, {"uuid": "9b264db3-b017-4176-8d4b-d08d2617ca8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5722", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aLooney Tunables CVE-2023-4911\nURL\uff1ahttps://github.com/teraGL/looneyCVE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-08T09:42:13.000000Z"}, {"uuid": "456f87d4-d5c3-4bc6-a8cb-a786ddbe5054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5461", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aExploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability in various Linux distributions.\nURL\uff1ahttps://github.com/chaudharyarjun/LooneyPwner\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-17T08:37:59.000000Z"}, {"uuid": "5486b2c5-35d8-40b2-8785-b4d3d480bb0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/3399", "content": "\u200b\u26a1\ufe0f\u041b\u0438\u043d\u0443\u043a\u0441\u043e\u0438\u0434\u044b \u043d\u0430\u043f\u0440\u044f\u0433\u043b\u0438\u0441\u044c: \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f Looney Tunables 
\u0443\u0436\u0435 \u0433\u0443\u043b\u044f\u0435\u0442 \u043f\u043e \u0441\u0435\u0442\u0438.\n\n\ud83d\udcac \u041d\u0435 \u0443\u0441\u043f\u0435\u043b\u0438 \u043c\u044b \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u0430\u043c \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u00abLooney Tunables\u00bb, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-4911 , \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0435. 
\u041f\u0440\u0438\u0447\u0451\u043c \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u043a\u0440\u0430\u0439\u043d\u0435 \u043d\u0438\u0437\u043a\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u0435 \u2014 \u0441\u043f\u0440\u0430\u0432\u0438\u0442\u0441\u044f \u0434\u0430\u0436\u0435 \u043d\u0430\u0447\u0438\u043d\u0430\u044e\u0449\u0438\u0439 \u0445\u0430\u043a\u0435\u0440.\n\nLooney Tunables \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 Linux-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430. 
\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Debian 12 \u0438 13, Ubuntu 22.04 \u0438 23.04, \u0430 \u0442\u0430\u043a\u0436\u0435 Fedora 37 \u0438 38.\n\n\u041a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u0441\u0440\u0435\u0434\u044b \u00abGLIBC TUNABLES\u00bb, \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u0443\u044e \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c \u00abld.so\u00bb, \u0447\u0442\u043e\u0431\u044b \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 root-\u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c SUID.\n\n\u041e\u0434\u0438\u043d \u0438\u0437 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u0440\u0430\u0431\u043e\u0442\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0443\u0436\u0435 
\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u043c \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0423\u0438\u043b\u043b\u043e\u043c \u0414\u043e\u0440\u043c\u0430\u043d\u043d\u043e\u043c, \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u041f\u0438\u0442\u0435\u0440\u043e\u043c \u0413\u0435\u0439\u0441\u0441\u043b\u0435\u0440\u043e\u043c \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c \u00abblasty\u00bb.\n\n\u0440\u0443\u0433\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 \u0438 \u043f\u0443\u0431\u043b\u0438\u043a\u0443\u044e\u0442 \u0441\u0432\u043e\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f CVE-2023-4911 \u043d\u0430 GitHub \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0430\u0445.\n\n\u00ab\u041d\u0430\u0448\u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f, \u0432\u0435\u0434\u0443\u0449\u0430\u044f \u043a \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u043b\u043d\u044b\u0445 root-\u043f\u0440\u0430\u0432 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Fedora, 
Ubuntu \u0438 Debian, \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u044c \u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\u00bb, \u2014 \u0437\u0430\u044f\u0432\u0438\u043b 3 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0421\u0430\u0438\u0434 \u0410\u0431\u0431\u0430\u0441\u0438, \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440 \u043f\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0443 \u043e\u0442\u0434\u0435\u043b\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437 Qualys. \u0418\u043c\u0435\u043d\u043d\u043e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Qualys \u043f\u0435\u0440\u0432\u044b\u0435 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0434\u0430\u043d\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438 \u043e\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0438\u0442\u044c \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u044b\u0435 \u0438\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Linux \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u0437-\u0437\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 Looney 
Tunables.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-10-06T12:50:01.000000Z"}, {"uuid": "69daad68-961a-4dee-94dc-12165fee9305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5556", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aLooney Tunables Local privilege escalation (CVE-2023-4911) workshop\nURL\uff1ahttps://github.com/KernelKrise/CVE-2023-4911-Looney-Tunables-\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-25T12:01:14.000000Z"}, {"uuid": "5857281f-b4e5-4b56-bcb5-6db6cdfa212f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5597", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aProof of concept for CVE-2023-4911 (Looney Tunables) discovered by Qualys Threat Research Unit \nURL\uff1ahttps://github.com/Diego-AltF4/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-29T12:08:24.000000Z"}, {"uuid": "1a6d8e23-340d-4d00-8fcd-557815efe653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/42", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911", "creation_timestamp": "2023-10-13T04:19:27.000000Z"}, {"uuid": 
"3e5f810f-299c-44ce-8137-183d86bbb453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6132", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPoC of CVE-2023-4911\nURL\uff1ahttps://github.com/snurkeburk/Looney-Tunables\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-10T18:18:37.000000Z"}, {"uuid": "7c572ad6-7474-4375-9ae8-e62c8f169e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/itsec_news/3613", "content": "\u200b\u26a1\ufe0f\u0425\u0430\u043a\u0435\u0440\u044b Kinsing \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 Looney Tunables \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445\n\n \ud83d\udcac\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u0440\u0438\u043f\u0442\u043e\u0434\u0436\u0435\u043a\u0438\u043d\u0433\u043e\u0432\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 Kinsing, \u043d\u0430\u0447\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e \u0432 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Linux, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u043a\u0430\u043a Looney Tunables ( CVE-2023-4911 ), \u0434\u043b\u044f 
\u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b. \u041e\u0431 \u044d\u0442\u043e\u043c \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 AquaSec.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0437\u043d\u0430\u043c\u0435\u043d\u0443\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0435\u0440\u0432\u044b\u0439 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u043b\u0443\u0447\u0430\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f Looney Tunables, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u041d\u043e\u0432\u0430\u044f \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0442\u0430\u0440\u043e\u0439 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 PHPUnit ( CVE-2017-9841 ), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \u042d\u0442\u043e\u0442 \u043f\u043e\u0434\u0445\u043e\u0434 \u0432 Kinsing \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u043b\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u0441 2021 \u0433\u043e\u0434\u0430.\n\n\u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 Python, \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c bl4sty 5-\u0433\u043e \u043e\u043a\u0442\u044f\u0431\u0440\u044f. 
\u041f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u044b Kinsing \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 PHP-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439, \u043a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c \u043f\u043e\u0441\u043b\u0435 \u0434\u0435\u043e\u0431\u0444\u0443\u0441\u043a\u0430\u0446\u0438\u0438, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u043b \u0438\u0437 \u0441\u0435\u0431\u044f JavaScript, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0439 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0414\u0430\u043d\u043d\u044b\u0439 JavaScript-\u043a\u043e\u0434 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430\u043c\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u0430\u0442\u0430\u043a\u0438 \u2014 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 
\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439. \u041f\u043e\u0434\u043e\u0431\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u043e\u0442\u0445\u043e\u0434\u0438\u0442 \u043e\u0442 \u043e\u0431\u044b\u0447\u043d\u043e\u0439 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0438 \u0433\u0440\u0443\u043f\u043f\u044b Kinsing, \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0432\u0448\u0435\u0439\u0441\u044f \u0432 \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u043e \u0441\u0432\u0438\u0434\u0435\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0443\u0435\u0442 \u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043e\u0432 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c \u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043c\u043e\u0433\u0443\u0442 
\u0441\u0442\u0430\u0442\u044c \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u0437\u043d\u043e\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u0438 \u0438\u043d\u0442\u0435\u043d\u0441\u0438\u0432\u043d\u044b\u043c\u0438, \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-06T09:55:49.000000Z"}, {"uuid": "750abd10-7eb7-4a7e-8654-fb9749ea9770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/YouPentest/8302", "content": "\u200aCVE-2023-4911 Looney Tunables Glibc Linux Privilege Escalation | Update Your Linux Now !\n\nhttps://www.youtube.com/watch?v=lv4e742FR_8", "creation_timestamp": "2023-12-28T09:09:18.000000Z"}, {"uuid": "ffcc7828-3610-49ac-b285-e8d6cee56122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/BleepingComputer/18829", "content": "\u200aHackers exploit Looney Tunables Linux bug, steal cloud creds\n\nThe operators of the Kinsing malware are targeting cloud environments with systems vulnerable to \"Looney Tunables,\" a Linux security issue\u00a0identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. 
[...]\n\nhttps://www.bleepingcomputer.com/news/security/hackers-exploit-looney-tunables-linux-bug-steal-cloud-creds/", "creation_timestamp": "2023-11-06T21:41:52.000000Z"}, {"uuid": "be6f05b3-36d9-4e9f-b894-1d3bb2872cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3187", "content": "Exploit tool for CVE-2023-4911, targeting the 'Looney Tunables' glibc vulnerability (https://www.kitploit.com/search/label/Vulnerability) in various Linux distributions.  LooneyPwner is a proof-of-concept (PoC) exploit tool targeting the critical buffer overflow (https://www.kitploit.com/search/label/Buffer%20Overflow) vulnerability, nicknamed \"Looney Tunables,\" found in the GNU C Library (glibc). This flaw, officially tracked as CVE-2023-4911, is present in various Linux distributions, posing significant risks, including unauthorized data access and system alterations.\n    The vulnerability in the GNU C Library (glibc) was disclosed last week, with notable security researchers and analysts releasing PoC exploits, indicating the potential for widespread attacks. The flaw, discovered by Qualys researchers, can grant attackers root privileges on various Linux distributions including Fedora, Ubuntu, and Debian.  Unauthorized root access provides attackers unrestricted authority, enabling them to:    Modify, delete, or steal sensitive data.  Install malicious software or backdoors.  Facilitate ongoing attacks that may remain undetected (https://www.kitploit.com/search/label/Undetected) for extended periods.  Cause data breaches, accessing customer data, intellectual property, and financial records.  Disrupt critical system operations, potentially causing service outages and harming an organization's reputation.      
LooneyPwner exploits (https://www.kitploit.com/search/label/Exploits) the \"Looney Tunables\" flaw, targeting affected glibc versions. The tool:    Detects the installed glibc version.  Checks for vulnerability status.  Offers an option for exploitation (https://www.kitploit.com/search/label/Exploitation) if vulnerable.      chmod +x looneypwner.sh\n./looneypwner.sh  \n    This tool is intended for educational purposes and security research only. The user assumes all responsibility for any damages or misuse resulting from its use.    This exploit code is based on the work of leesh3288 (https://github.com/leesh3288/CVE-2023-4911). A big thanks to him for the foundational work on the exploit.  \n\nDownload LooneyPwner (https://github.com/chaudharyarjun/LooneyPwner)", "creation_timestamp": "2023-10-27T13:49:22.000000Z"}, {"uuid": "518e2cda-3633-4794-8d09-fd6aa01fdac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3258", "content": "Local Privilege Escalation glibc's ld.so (CVE-2023-4911)\n\n\u27a1\ufe0f \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \n\n\ud83d\udd25POC: https://github.com/leesh3288/CVE-2023-4911\n\n#linux #lpe\n\n\ud83d\udcac \u041a\u0430\u043d\u0430\u043b | \ud83d\udcf6 Github", "creation_timestamp": "2023-10-06T12:16:02.000000Z"}, {"uuid": "52c28456-85e3-4e5c-8fb9-435c0661f396", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/R0_Crew/2095", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911\n\n#expdev 
#linux #lpe #Alexs3y", "creation_timestamp": "2023-10-04T16:50:02.000000Z"}, {"uuid": "eec544c5-9839-475f-a3a1-b7a0a2161d0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3185", "content": "LooneyPwner - Exploit Tool For CVE-2023-4911, Targeting The 'Looney Tunables' Glibc Vulnerability In Various Linux Distributions\nhttp://www.kitploit.com/2023/10/looneypwner-exploit-tool-for-cve-2023.html", "creation_timestamp": "2023-10-27T21:10:22.000000Z"}, {"uuid": "13acfb2a-b9fa-4f65-b0aa-5039546ce376", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/YouPentest/8296", "content": "\u200aCVE-2023-4911 Glibc Linux Privilege Escalation | Update Your Linux Now !\n\nhttps://www.youtube.com/watch?v=lv4e742FR_8", "creation_timestamp": "2023-12-28T09:09:18.000000Z"}, {"uuid": "18497d0c-a4c0-43aa-8104-b8c2764ce922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/YouPentest/8291", "content": "\u200aLooking into the Looney Tunable Linux Privesc CVE-2023-4911\n\nhttps://www.youtube.com/watch?v=1iV-CD9Apn8", "creation_timestamp": "2023-12-28T09:09:18.000000Z"}, {"uuid": "12657643-e27f-4076-aa40-0bb2a89fb861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/161", "content": "\u26a1\ufe0fLooney Tunables: PoC\n\n\ud83d\udce3\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 
\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442:\nhttps://github.com/leesh3288/CVE-2023-4911\n\n#cve #exploit #privesc", "creation_timestamp": "2023-10-04T18:19:09.000000Z"}, {"uuid": "7d542efc-9e84-4e0d-9e29-fdc95845794a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/kasperskyb2b/918", "content": "\ud83d\udc40 \u041d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u0430\u044f LPE \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux. \u041f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 ld.so, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a GNU C, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0435\u0435 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f GLIBC_TUNABLES,  \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e root. 
\u041d\u0430\u0448\u0435\u0434\u0448\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Qualys \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043d\u0435\u0441\u043b\u043e\u0436\u043d\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u043d\u0438 \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0430\u0442 \u0434\u0435\u0442\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043e \u0431\u043e\u043b\u0435\u0435 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f  \u043f\u0430\u0442\u0447\u0430.  \n\u0414\u0435\u0444\u0435\u043a\u0442 CVE-2023-4911 (CVSS 7.8) \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0432 2021 \u0433\u043e\u0434\u0443 \u0438 \u0440\u0430\u0441\u043f\u043e\u043b\u0437\u0441\u044f \u043f\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0443 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Fedora, Ubuntu,  Debian \u0438 Red Hat (RHEL).\n\n\u041f\u0430\u0442\u0447 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e, \u043d\u043e \u0432 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u043a\u043e\u0433\u0434\u0430 \u044d\u0442\u043e \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, Red Hat \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u043c\u0435\u0440\u044b \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f 
\u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u043a\u0430\u0436\u0434\u043e\u0439 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-10-04T13:28:31.000000Z"}, {"uuid": "e00464cf-316e-42e8-b7d2-5f3a24c4a929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5557", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aLooney Tunables Local privilege escalation (CVE-2023-4911) workshop\nURL\uff1ahttps://github.com/KernelKrise/CVE-2023-4911\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-25T12:07:29.000000Z"}, {"uuid": "44e3ff1f-774a-414b-8845-f5e4392c287e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/CherepawwkaChannel/205", "content": "\u0412\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0437\u0430\u043c\u0435\u0442\u043a\u0430 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 glibc Looney Tunables (CVE-2023-4911) \n\u0420\u0435\u0431\u044f\u0442\u0430, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\u0412\u0435\u0440\u0441\u0438\u044f glibc, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c: 
2.34\n\u0421\u0430\u043c\u0430\u044f \u0441\u0432\u0435\u0436\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445 Debian \u0438 Ubuntu (2.35+) \u0443\u0436\u0435 \u0441 \u0444\u0438\u043a\u0441\u043e\u043c\n\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e:\nldd --version\nPoC:\nenv -i \"GLIBC_TUNABLES=glibc.malloc.mxfast=glibc.malloc.mxfast=A\" \"Z=`printf '%08192x' 1`\" /usr/bin/su --help\n\u0415\u0441\u043b\u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c Segmentation fault, \u0442\u043e \u0432\u0441\u0451 \u043f\u043b\u043e\u0445\u043e.\n\u0415\u0441\u043b\u0438 \u0432\u0438\u0434\u0438\u043c \u043e\u0431\u044b\u0447\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 su --help, \u0442\u043e \u0432\u0441\u0451 \u0432\u0440\u043e\u0434\u0435 \u0445\u043e\u0440\u043e\u0448\u043e.\n\n\u0412\u0435\u0440\u0441\u0438\u044f 2.28 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u0430, \u0435\u0441\u043b\u0438 \u0441\u0443\u0434\u0438\u0442\u044c \u043f\u043e \u044d\u0442\u043e\u043c\u0443: https://access.redhat.com/security/cve/cve-2023-4911\n\nPoC \u043d\u0430 GitHub:\nhttps://github.com/leesh3288/CVE-2023-4911\nhttps://github.com/RickdeJager/CVE-2023-4911\nhttps://haxx.in/files/gnu-acme.py\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u0435\u0441\u0442\u043e\u0432\u043e\u0439 \u0441\u0440\u0435\u0434\u0435 \u0432 \u0446\u0435\u043b\u044f\u0445 \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043d\u0446\u0438\u043f\u043e\u0432 
\u0440\u0430\u0431\u043e\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041d\u0435\u0441\u0430\u043d\u00ad\u043a\u0446\u0438\u00ad\u043e\u043d\u0438\u00ad\u0440\u043e\u0432\u0430\u043d\u00ad\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0435 \u043a \u043d\u0430\u0440\u0443\u0448\u0435\u00ad\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u0438\u0441\u00ad\u0442\u0435\u043c, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0441\u00ad\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c\u00ad\u0441\u044f \u043f\u043e \u0437\u0430\u043a\u043e\u043d\u0443.\n\n\u041f\u043e\u043a\u0430 \u043d\u0430\u0445\u043e\u0436\u0443\u0441\u044c \u0432 \u0440\u0430\u0437\u0434\u0443\u043c\u044c\u044f\u0445 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043a\u043e\u0440\u0440\u0435\u043b\u044f\u0446\u0438\u0438. 
\u0418\u0437 \u0438\u0434\u0435\u0439 \u043f\u043e\u043a\u0430 \u0442\u0430\u043a:\n\nevent Start_Same_Process:\n    key:\n        event_src.host, object.process.name, subject.account.session_id, subject.account.name, subject.account.id\n    filter {\n        filter::NotFromCorrelator()\n    and filter::OperatingSystem_UNIXLike()\n        and msgid == \"execve\"\n        and object == \"process\"\n        and action == \"start\"\n        and object.process.name == \"su\"  # \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u043f\u0440\u043e\u0441\u044b\n        and filter::CheckWL_Specific_Only(\"Possible_Looney_Tunables_exploitation\", join([event_src.host, subject.account.id, object.process.name], \"|\"))\n    }\n\nrule Possible_Looney_Tunables_exploitation: (Start_Same_Process[50,]) timer 10s\n\n\u0412 \u0438\u0434\u0435\u0430\u043b\u0435 \u0434\u043e\u0431\u0438\u0442\u044c \u0434\u0435\u0442\u0435\u043a\u0442 \u0434\u043e rule Possible_Successful_Looney_Tunables_exploitation: (Start_Same_Process[50,]) timer 10s -> Spawn_Interactive_Shell, \u043d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435\u0442 \u043f\u043e\u043d\u0438\u043c\u0430\u043d\u0438\u044f, \u043a\u0430\u043a \u0441\u043e\u0433\u043b\u0430\u0441\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0431\u044b\u0442\u0438\u0435 \u0441\u043f\u0430\u0432\u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0448\u0435\u043b\u043b\u0430.", "creation_timestamp": "2023-11-12T10:54:02.000000Z"}, {"uuid": "f3ee3c94-ccab-4310-8837-f81d96d272fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/kasperskyb2b/924", "content": "\u23e9 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 
\u0418\u0411-\u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\u2699\ufe0f \u041e\u0431\u0437\u043e\u0440 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 Kaspersky ICS CERT. \u041e\u0442\u0447\u0451\u0442 \u043f\u043e\u0441\u0432\u044f\u0449\u0451\u043d \u043a\u0440\u0438\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0438 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0437\u043c\u0443 \u2014 \u0447\u0438\u0441\u043b\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043f\u043e\u043b\u0433\u043e\u0434\u0430 \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u0432 \u043f\u043e\u043b\u0442\u043e\u0440\u0430 \u0440\u0430\u0437\u0430. \u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u044b\u0435 \u0441\u0435\u043a\u0442\u043e\u0440\u0430 \u2014 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u043e, \u0430\u0432\u0442\u043e\u043f\u0440\u043e\u043c \u0438 \u044d\u043d\u0435\u0440\u0433\u0435\u0442\u0438\u043a\u0430. 
\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u0441\u043e\u0432\u0435\u0441\u0442\u0438 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\ud83d\udd20\ud83d\udd20\ud83d\udd20 \u0420\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0430 ransomware \u043d\u0430\u0434\u043e \u0432\u0441\u0451 \u0431\u044b\u0441\u0442\u0440\u0435\u0435. \u0412\u0440\u0435\u043c\u044f, \u043f\u0440\u043e\u0432\u0435\u0434\u0451\u043d\u043d\u043e\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c\u0438 \u0432 \u0441\u0435\u0442\u0438, \u0441\u043d\u0438\u0437\u0438\u043b\u043e\u0441\u044c \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 12 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0441 4,5 \u0434\u043d\u0435\u0439 \u0434\u043e \u0441\u0447\u0438\u0442\u0430\u043d\u043d\u044b\u0445 \u0447\u0430\u0441\u043e\u0432. \u0412 \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u0435 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u0440\u0430\u0441\u043a\u0430\u0442\u043a\u0430 ransomware \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0441\u0443\u0442\u043e\u043a, \u0432 10% \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u2014 \u0437\u0430 \u043f\u044f\u0442\u044c \u0447\u0430\u0441\u043e\u0432. 
\n\n\ud83d\udccc CISA \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438  \u043e\u0442\u0447\u0451\u0442 \u043e \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u0445, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0445 \u043a \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u043c \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c.  \u0412 \u0442\u043e\u043f-3 \u0443\u0432\u0435\u0440\u0435\u043d\u043d\u043e \u0432\u043e\u0448\u043b\u0438 \u0434\u0435\u0444\u043e\u043b\u0442\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u0430\u0434\u043c\u0438\u043d\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0439 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438.  
\u0411\u043e\u043b\u0435\u0435 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u043e\u0442\u0447\u0451\u0442\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u0443\u0435\u043c \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 TeamCity \u0438 WS_FTP server \u0443\u0436\u0435 \u0432\u0441\u0442\u0430\u043b\u0438 \u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0443 \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439. Teamcity \u2014 CVE-2023-42793, WS_FTP \u2014  CVE-2023-40044. \n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0440\u044f\u0434 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0440\u0435\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u0438\u0440\u043e\u0432\u0430\u043b\u0438 PoC \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438  CVE-2023-4911 \u0432 ld.so (\u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a GNU C), \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0439 \u043e\u0442\u0441\u0447\u0451\u0442 \u0434\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u0448\u0451\u043b.\n\n\ud83c\udfaf \u041e\u0442\u0447\u0451\u0442 \u043e \u043d\u043e\u0432\u044b\u0445 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u044f\u0445 Mirai, \u0446\u0438\u0440\u043a\u0443\u043b\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0441 \u043b\u0435\u0442\u0430: catDDoS, hailBot,kiraiBot. 
\n\n\u0418 \u0441\u043d\u043e\u0432\u0430 \u0441 \u0432\u0430\u043c\u0438 \u043d\u0430\u0448\u0430 \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0440\u0443\u0431\u0440\u0438\u043a\u0430 \u0432 open source \u043f\u0440\u0435\u043a\u0440\u0430\u0441\u043d\u0430\u044f \u043f\u043e\u0433\u043e\u0434\u0430 \ud83c\udf1e\n\n1\ufe0f\u20e3 \u0418\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u043e\u043c \u0437\u0430\u0442\u0440\u043e\u044f\u043d\u0435\u043d\u044b \u0431\u043e\u043b\u0435\u0435 100 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 Python, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u044b \u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e 75 \u0442\u044b\u0441\u044f\u0447 \u0440\u0430\u0437. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043a\u0440\u0438\u043f\u0442\u043e\u043a\u043e\u0448\u0435\u043b\u044c\u043a\u0430\u043c\u0438 \u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u0441\u043e\u0432\u0435\u0440\u0448\u0438\u0442\u044c \u043a\u0440\u0430\u0436\u0438 \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043d\u0430 $100 000. 
\n\n2\ufe0f\u20e3 \u0412 npm \u043e\u043a\u043e\u043b\u043e \u043d\u0435\u0434\u0435\u043b\u0438 \u0436\u0438\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 node-hide-console-windows (\u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u0431\u0443\u043a\u0432\u043e\u0439  s \u0432 \u043a\u043e\u043d\u0446\u0435), \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u0436\u0435\u0440\u0442\u0432\u0430\u043c \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u0439  \u0442\u0440\u043e\u044f\u043d DiscordRAT 2.0, \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0437\u0430\u043c\u0430\u0441\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u044b\u043c \u0436\u0435 \u0440\u0443\u0442\u043a\u0438\u0442\u043e\u043c r77.\n\n3\ufe0f\u20e3 \u0422\u0430\u043c \u0436\u0435 \u0432 npm \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e \u0435\u0449\u0451 \u0431\u043e\u043b\u0435\u0435 30 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0432\u043e\u0440\u0443\u044e\u0449\u0438\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0441 \u043c\u0430\u0448\u0438\u043d\u044b.\n\n4\ufe0f\u20e3 \u0412\u043e\u043e\u0431\u0449\u0435 \u0436\u0435 \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u0433\u043e\u0434 Sonatype \u043d\u0430\u0441\u0447\u0438\u0442\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 245000 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f\u0445, \u044d\u0442\u043e \u0432\u0434\u0432\u043e\u0435 
\u0431\u043e\u043b\u044c\u0448\u0435 \u0447\u0435\u043c \u0437\u0430 \u0434\u0432\u0430 \u043f\u0440\u043e\u0448\u043b\u044b\u0445 \u0433\u043e\u0434\u0430 \u0432\u043c\u0435\u0441\u0442\u0435 \u0432\u0437\u044f\u0442\u044b\u0445.\n\n\ud83d\udc30 \u0410\u043d\u0430\u043b\u0438\u0437 \u043d\u043e\u0432\u043e\u0433\u043e MaaS BunnyLoader, \u0431\u0435\u0441\u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0433\u043e \u0412\u041f\u041e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u044e\u0449\u0435\u0433\u043e \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430 \u0438 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u0430. \u041d\u0430 \u0447\u0451\u0440\u043d\u043e\u043c \u0440\u044b\u043d\u043a\u0435 \u043e\u043d \u0437\u0430\u043c\u0435\u0447\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435, \u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e \u043d\u0430\u0431\u0438\u0440\u0430\u0435\u0442 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0434\u0435\u0448\u0435\u0432\u0438\u0437\u043d\u0435, \u043c\u043d\u043e\u0433\u043e\u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u044b\u0441\u0442\u0440\u043e\u043c\u0443 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u044e.\n\n\u041a\u0430\u043a \u043c\u044b \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043b\u0438 \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0432 \u043f\u044f\u0442\u043d\u0438\u0446\u0443, \u0430\u0442\u0430\u043a\u0438 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0430 \u0441\u0442\u0430\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 
\u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b, \u0438 \u0432\u043e\u0442 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0435 \u0438\u043b\u043b\u044e\u0441\u0442\u0440\u0430\u0446\u0438\u0438:  \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cytrox \u0438 \u0435\u0451 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Predator \u0431\u044b\u043b\u0438 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043d\u044b \u0432 \u0434\u0435\u0442\u0430\u043b\u044f\u0445 \u2014 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u0442\u0440\u0430\u043d\u0430\u0445 (\u043e\u0442 \u041f\u043e\u0440\u0442\u0443\u0433\u0430\u043b\u0438\u0438 \u0434\u043e \u0418\u043d\u0434\u043e\u043d\u0435\u0437\u0438\u0438) \u0438 \u0440\u0430\u0437\u0431\u043e\u0440 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0434\u0435\u044f\u0442\u0435\u043b\u044f.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2023-10-09T08:37:20.000000Z"}, {"uuid": "212c0237-9fd6-4522-9f4c-7b7e6198a21b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/890", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 238 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. 
This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-02T03:28:57.000000Z"}, {"uuid": "82a487f9-b84c-416b-96ca-5d50a73e3505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49119", "type": "seen", "source": "https://t.me/arpsyndicate/2190", "content": "#ExploitObserverAlert\n\nCVE-2023-49119\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49119. Stored cross-site scripting vulnerability via the img tags exists in GROWI versions prior to v6.0.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.", "creation_timestamp": "2023-12-28T04:33:21.000000Z"}, {"uuid": "b665b15f-59bf-4929-b2e8-174a10d7d4fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/143379", "content": "https://ift.tt/IRkQTU8\nLooney Tunables? CVE-2023-4911? 
You might be using a vulnerable Linux distribution.", "creation_timestamp": "2023-10-16T16:29:43.000000Z"}, {"uuid": "93d066a2-920f-446d-a330-cb8eef0d13d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/140936", "content": "https://ift.tt/eT1DUqc\nCVE-2023-4911: Looney Tunables \u2013 Local Privilege Escalation in the glibc\u2019s ld.so", "creation_timestamp": "2023-10-03T19:26:43.000000Z"}, {"uuid": "7e7c39c1-01d0-4372-8aca-352215735161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/141415", "content": "https://ift.tt/jBYQLXE\n\u201cLooney Tunables\u201d bug allows root access on Linux distros (CVE-2023-4911)", "creation_timestamp": "2023-10-05T16:12:34.000000Z"}, {"uuid": "ca6838ba-0b22-430e-9107-cea6290c282d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/Hf2Yd-qzy1GIe-P5j22BYiVqvoJdTpZ0raHmggM7-I_6rw", "content": "", "creation_timestamp": "2023-11-22T23:10:12.000000Z"}, {"uuid": "7418e1a3-f87f-4aef-a8d2-d68d4d4b96bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/KomunitiSiber/882", "content": "Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions\nhttps://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html\n\nA new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library's ld.so dynamic loader that, if successfully exploited, could lead to a local privilege 
escalation and allow a threat actor to gain root privileges.\nTracked as\u00a0CVE-2023-4911\u00a0(CVSS score: 7.8), the issue is a buffer overflow that resides in the dynamic loader's processing of the\u00a0GLIBC_TUNABLES", "creation_timestamp": "2023-10-04T10:49:21.000000Z"}, {"uuid": "0fa9e8a3-2c2e-4269-a059-1bdddc0c9979", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/363", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 178 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-22T22:39:10.000000Z"}, {"uuid": "b917aa37-2783-463e-9d1b-4bde279d6e1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/1755", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 237 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. 
This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-11T14:31:46.000000Z"}, {"uuid": "be204373-2e1e-444e-9b67-13be1493483c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/DC49U-yyOf0wvALqOLP1PpSKVxWrQUjwJZr2ekYXZeihgw", "content": "", "creation_timestamp": "2023-10-04T09:54:27.000000Z"}, {"uuid": "969430e3-6b80-4f51-ac43-b776d29baad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/arpsyndicate/650", "content": "#ExploitObserverAlert\n\nCVE-2023-4911\n\nDESCRIPTION: Exploit Observer has 238 entries related to CVE-2023-4911. A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. 
This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\nFIRST-EPSS: 0.018070000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-28T14:04:36.000000Z"}, {"uuid": "04a99c08-a401-4170-8694-1ffa3ae00c05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "Telegram/C76ai0_bgvZONqwqAe3DAeLx5rlYtLmUWaWBqGfpikou0T8", "content": "", "creation_timestamp": "2023-11-03T20:39:04.000000Z"}, {"uuid": "984fd80c-eac2-4e4f-a49d-dfef12aaa30e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/DjajqwOKtfZ_M5ClV_Ht6Zj14zVZ5RqpF76L3bZ8ar0sOu4", "content": "", "creation_timestamp": "2025-02-18T22:00:05.000000Z"}, {"uuid": "03a06ceb-28ab-4a94-ae1d-13741860ce9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/s35AMqhqtadEqpjRxkI5cW3sPSrTin72JMblREttZD-iDXg", "content": "", "creation_timestamp": "2025-03-06T10:00:05.000000Z"}, {"uuid": "96ec2a6a-3a27-4b8b-b24d-c9b9674ce48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "Telegram/9b6wG6Il7-Fs6fbMdT7ZuXLkWZY4c8ncON5lXsj9jLiXJkM", "content": "", "creation_timestamp": "2023-10-10T13:37:00.000000Z"}, {"uuid": "a27688fb-c124-46ad-ae28-68ecdc3f96ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/71860", "content": "\ud83d\udd74 'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits \ud83d\udd74\n\nFollowing the publication of the critical Linux security vulnerability, security specialists released PoC exploits to test the implications of CVE-2023-4911.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading\".", "creation_timestamp": "2023-10-09T22:21:04.000000Z"}, {"uuid": "a22c0706-dbd5-4985-b5cb-9badba0c0f55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/292", "content": "CVE-2023-4911\n: https://github.com/ruycr4ft/CVE-2023-4911 \nExploiter (Python3): https://haxx.in/files/gnu-acme.py", "creation_timestamp": "2023-10-13T16:09:01.000000Z"}, {"uuid": "fe671dcc-184d-4d07-975d-43bbe2e9116a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/MrBDKR28/3392", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911\n\n#expdev #linux #lpe #Alexs3y", "creation_timestamp": "2023-10-09T11:25:44.000000Z"}, {"uuid": "ceb96e2e-3b8d-4cc5-b1d1-37e244ec5de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/Redscriptteam/4443", "content": "#CVE-2023-4911\n\nPoC for CVE-2023-4911\n\nhttps://github.com/leesh3288/CVE-2023-4911", "creation_timestamp": "2023-10-14T21:01:59.000000Z"}, {"uuid": 
"c8e8c1af-e8ce-45ba-ab76-45ad9bb7430a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/true_secator/4925", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Linux, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a Looney Tunables, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 ld.so \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 GNU C.\n\nGNU C (glibc) \u2014 \u044d\u0442\u043e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 C \u0441\u0438\u0441\u0442\u0435\u043c\u044b GNU, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 \u044f\u0434\u0440\u0430 Linux \u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0432\u044b\u0437\u043e\u0432\u044b, \u0442\u0430\u043a\u0438\u0435 
\u043a\u0430\u043a open, malloc, printf, \u0432\u044b\u0445\u043e\u0434 \u0438 \u0434\u0440\u0443\u0433\u0438\u0435, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b.\u00a0\n\n\u0414\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u0432 glibc \u0438\u043c\u0435\u0435\u0442 \u043f\u0435\u0440\u0432\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0443 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Linux, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 glibc.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f Qualys\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2023-4911) \u0431\u044b\u043b\u0430 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2021 \u0433\u043e\u0434\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c glibc 2.34 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u043c\u0438\u0442, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043a\u0430\u043a \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f SXID_ERASE \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u0445 \u0441 setuid.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u0438 
\u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u044b GLIBC_TUNABLES \u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e Debian 12 \u0438 13, Ubuntu 22.04 \u0438 23.04, \u0430 \u0442\u0430\u043a\u0436\u0435 Fedora 37 \u0438 38 (Alpine Linux \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442\u0441\u044f), \u0430 \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e root-\u043f\u0440\u0430\u0432.\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 Red Hat, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b GLIBC_TUNABLES \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0434\u0432\u043e\u0438\u0447\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c SUID \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 
\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u043d\u0438\u0437\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e PoC \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043b\u0435\u0433\u043a\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432 \u0441\u0430\u043c\u043e\u0435 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c 
\u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0431\u044b\u0441\u0442\u0440\u043e.", "creation_timestamp": "2023-10-04T15:25:30.000000Z"}, {"uuid": "ea0a232d-d60d-450b-ad9f-884dfa52f026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/4936", "content": "DANGER! \u0412 \u0441\u0435\u0442\u0438 \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 GNU C Library, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Looney Tunables, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-4911, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 
\u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 Debian 12 \u0438 13, Ubuntu 22.04 \u0438 23.04, \u0430 \u0442\u0430\u043a\u0436\u0435 Fedora 37 \u0438 38.\n\n\u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u043c\u043e\u0433\u0443\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0441 root-\u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c SUID, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f GLIBC_TUNABLES, \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u043c\u0443\u044e \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c ld.so.\n\n\u0421 \u0442\u0435\u0445 \u043f\u043e\u0440 \u043a\u0430\u043a \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Qualys \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0443\u0441\u043f\u0435\u043b\u0438 
\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u044c PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b \u0432 \u0432\u0438\u0434\u0443 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0443\u0433\u0440\u043e\u0437\u044b, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0449\u0430\u044f  root-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u043c \u043d\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c Linux, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Fedora, Ubuntu \u0438 Debian. 
\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0432\u043f\u0435\u0440\u0435\u0434\u0438 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435, \u0430 \u043f\u0440\u0430\u0432\u0438\u043b\u043e 72 \u0447\u0430\u0441\u043e\u0432 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u043e\u0442\u043c\u0435\u043d\u044f\u043b.", "creation_timestamp": "2023-10-06T14:05:05.000000Z"}, {"uuid": "e02e2a4b-2c8d-46ae-90c5-6bf4f52e4c72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/cibsecurity/71521", "content": "\u203c CVE-2023-4911 \u203c\n\nA buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T22:25:32.000000Z"}, {"uuid": "9a6cd117-228b-485a-a89f-cb9e3bc47065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49118", "type": "seen", "source": "https://t.me/ctinow/192625", "content": "https://ift.tt/RGjK2qW\nCVE-2023-49118 | OpenHarmony up to 3.2.4/4.0.0 out-of-bounds", "creation_timestamp": "2024-02-24T15:16:54.000000Z"}, {"uuid": "4d4cd425-9bce-43f6-8349-9eb47bc1d9e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/DailyToolz/1049", "content": "https://github.com/RickdeJager/CVE-2023-4911\n- @DailyToolz | share and support us.", "creation_timestamp": "2023-10-22T00:37:39.000000Z"}, 
{"uuid": "043ff3b0-084b-49a3-a1db-d11a5f814560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49117", "type": "seen", "source": "https://t.me/ctinow/170127", "content": "https://ift.tt/SLUfhnI\nCVE-2023-49117 | Alfasado PowerCMS up to 4.54/5.24/6.31 cross site scripting", "creation_timestamp": "2024-01-19T10:16:38.000000Z"}, {"uuid": "6d4ad753-0db7-4c81-b1c0-ea721e44e948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49115", "type": "seen", "source": "https://t.me/ctinow/187298", "content": "https://ift.tt/PvifptK\nCVE-2023-49115 | MachineSense FeverWarn MQTT Message missing authentication (icsa-24-025-01)", "creation_timestamp": "2024-02-18T16:46:31.000000Z"}, {"uuid": "cf73d819-410b-4eb2-994d-f3e5ac34451d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/ctinow/180825", "content": "https://ift.tt/C4ayTwf\nCVE-2023-4911 | Oracle Communications Cloud Native Core Security Edge Protection Proxy Signaling Local Privilege Escalation", "creation_timestamp": "2024-02-07T16:42:06.000000Z"}, {"uuid": "73a471b7-2c47-4e22-882b-f53137afc560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49115", "type": "seen", "source": "https://t.me/ctinow/177838", "content": "https://ift.tt/W9zwY5r\nCVE-2023-49115", "creation_timestamp": "2024-02-02T00:26:24.000000Z"}, {"uuid": "f0e48a04-7c9f-47cf-a694-ae65e241c827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49118", "type": "seen", "source": "https://t.me/ctinow/177969", "content": 
"https://ift.tt/k1HPgYG\nCVE-2023-49118", "creation_timestamp": "2024-02-02T08:31:29.000000Z"}, {"uuid": "e76fa5e1-c02e-4bf1-8909-a2510c40017f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49119", "type": "seen", "source": "https://t.me/ctinow/170126", "content": "https://ift.tt/6z4PRsE\nCVE-2023-49119 | WESEEK GROWI up to 5.x cross site scripting", "creation_timestamp": "2024-01-19T10:16:37.000000Z"}, {"uuid": "6790cd75-bad0-413e-8a4e-0ee6a07aba2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49119", "type": "seen", "source": "https://t.me/ctinow/159286", "content": "https://ift.tt/4IDeGvp\nCVE-2023-49119", "creation_timestamp": "2023-12-26T09:26:55.000000Z"}, {"uuid": "f430a0fe-5ea1-47d2-b9a9-e04123f8c165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49117", "type": "seen", "source": "https://t.me/ctinow/159266", "content": "https://ift.tt/yWMlwbs\nCVE-2023-49117", "creation_timestamp": "2023-12-26T07:26:48.000000Z"}, {"uuid": "94ecb338-cfdc-41cf-b45e-3c4ff82c6deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/GDSpace/962", "content": "\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440 \u043f\u043e \u0418\u0411, \u0432\u044b\u043f\u0443\u0441\u043a \u21166 (08.10.2023). \u0417\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u044d\u043f\u0438\u0437\u043e\u0434. 
\u0412 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043c\u044b \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u041c\u044b \u044d\u0442\u043e:\n\n\ud83d\udd38 \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u041b\u0435\u043e\u043d\u043e\u0432, \"\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u0440\u043e\u0447\u0435\u0435\"\n\ud83d\udd38 \u041b\u0435\u0432 \u041f\u0430\u043b\u0435\u0439, \"\u0412\u0435\u0441\u0442\u0438 \u0438\u0437 \u041f\u0430\u043b\u0435\u0439\"\n\ud83d\udd38 \u041c\u0430\u043a\u0441\u0438\u043c \u0425\u0430\u0440\u0430\u0441\u043a, \"Global Digital Space\"\n\n00:00 \u0417\u0434\u043e\u0440\u043e\u0432\u0430\u0435\u043c\u0441\u044f, \u0441\u043c\u043e\u0442\u0440\u0438\u043c \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430\u043c \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430\n02:18 \u0421\u0430\u0448\u0430 \u0432\u044b\u0448\u0435\u043b \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0432 Positive Technologies \u0438 \u0447\u0435\u043c \u0436\u0435 \u043e\u043d \u0442\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0437\u0430\u043d\u0438\u043c\u0430\u0442\u044c\u0441\u044f\n04:50 RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Exim (CVE-2023-42115)\n08:16 SSRF/RCE \u0432 TorchServe (CVE-2023-43654, CVE-2022-1471), ShellTorch\n12:05 \u0412 Cisco Emergency Responder \u043d\u0430\u0448\u043b\u0438 root-\u043e\u0432\u044b\u0435 \u0443\u0447\u0451\u0442\u043a\u0438 \u0441 
\u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438 (CVE-2023-20101)\n16:44 \u041d\u043e\u0432\u044b\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 OpenPubkey\n17:56 EoP \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Atlassian Confluence (CVE-2023-22515)\n23:42 \u0413\u0440\u044f\u0434\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c cURL \u0438 libcurl (CVE-2023-38545)\n27:07 \u041d\u043e\u0432\u0430\u044f bug bounty \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b\n30:32 \u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0431\u0440\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \"\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e\" \u0432\u043d\u043e\u0432\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0430\u0441\u044c DDOS-\u0430\u0442\u0430\u043a\u0435 \u0438\u0437-\u0437\u0430 \u0440\u0443\u0431\u0435\u0436\u0430\n35:22 \u042d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0430 Xiaomi \u0432\u044b\u0448\u043b\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u043f\u043e \u0432\u0441\u0435\u0439 \u0420\u043e\u0441\u0441\u0438\u0438\n36:38 Qualys-\u044b \u043d\u0430\u0440\u0435\u0441\u0435\u0440\u0447\u0438\u043b\u0438 EoP/LPE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e \u0432\u0441\u0435\u0445 Linux-\u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0430\u0445, \u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0432 glibc (CVE-2023-4911)\n39:19 XSpider-\u0443 25 \u043b\u0435\u0442. 
\u0420\u043e\u0432\u043d\u043e \u043a\u0430\u043a \u0438 \u0432\u0441\u0435\u043c\u0443 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u043c\u0443 Vulnerability Management-\u0443. \u041e\u0431\u0441\u0443\u0436\u0434\u0430\u0435\u043c \u0432 \u043a\u0430\u043a\u0443\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u0443 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0435\u0442\u0441\u044f VM.\n46:42 \u041f\u0440\u043e\u0449\u0430\u043d\u0438\u0435 \u043e\u0442 Mr. X\n\n@avleonovrus #\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440\u041f\u043e\u0418\u0411 #PositiveTechnologies #Exim #TorchServe #Cisco #OpenPubkey #Atlassian #Confluence #cURL #libcurl #bugbounty #\u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b #\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e #Xiaomi #Qualys #Linux #glibc #XSpider #VulnerabilityManagement #MaxPatrolVM", "creation_timestamp": "2023-10-09T21:14:14.000000Z"}, {"uuid": "cf2e03b7-d3e3-4915-89b7-7a92db108ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/xakep_ru/14951", "content": "Linux-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Looney Tunables \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0433\u0440\u0443\u043f\u043f\u043e\u0439 Kinsing \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445\n\n\u041e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u043c\u0430\u043b\u0432\u0430\u0440\u0438 Kinsing \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b \u0441 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043f\u0435\u0440\u0435\u0434 \u0441\u0432\u0435\u0436\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 Looney Tunables. 
\u041d\u0430\u043f\u043e\u043c\u043d\u0438\u043c, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-4911 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\nhttps://xakep.ru/2023/11/08/looney-tunables-kinsing/", "creation_timestamp": "2023-11-08T15:37:39.000000Z"}, {"uuid": "bd6d9df7-4c73-418d-bfde-aa5a4c198840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/information_security_channel/50771", "content": "Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions\nhttps://www.securityweek.com/severe-glibc-privilege-escalation-vulnerability-impacts-major-linux-distributions/\n\nA local privilege escalation vulnerability (CVE-2023-4911) in the GNU C Library (glibc) can be exploited to gain full root privileges.\nThe post Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions (https://www.securityweek.com/severe-glibc-privilege-escalation-vulnerability-impacts-major-linux-distributions/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2023-10-04T17:11:53.000000Z"}, {"uuid": "a3ace05e-7628-4f91-89fc-3333207d3948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/xakep_ru/14791", "content": 
"\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 Looney Tunables \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u0432 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux\n\n\u041d\u043e\u0432\u0430\u044f Linux-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Looney Tunables (CVE-2023-4911), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0435 ld.so \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 GNU C. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Fedora, Ubuntu, Debian \u0438 \u0442\u0430\u043a \u0434\u0430\u043b\u0435\u0435.\n\nhttps://xakep.ru/2023/10/05/looney-tunables/", "creation_timestamp": "2023-10-05T10:34:33.000000Z"}, {"uuid": "8f9693b8-66b6-43b4-a7c1-da26c5dff28e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "seen", "source": "https://t.me/thehackernews/3963", "content": "New Linux vulnerability (CVE-2023-4911) named Looney Tunables found in the GNU C library's dynamic loader. Exploitation could lead to root privileges. 
\n \nLearn how it affects major #Linux distributions: https://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html", "creation_timestamp": "2023-10-04T16:43:46.000000Z"}, {"uuid": "45223719-2777-47ea-8ee7-51d42b22f832", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1257", "content": "https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\ncve 2023-4911", "creation_timestamp": "2023-10-10T18:26:06.000000Z"}, {"uuid": "15b85057-317b-4bd4-b1db-584c9f0ae2ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "exploited", "source": "https://t.me/SecLabNews/14381", "content": "\u0412\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Linux, \u0434\u0430\u044e\u0449\u0435\u0439 root \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445\n\n\u2757\ufe0f\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043a\u0430\u043a \u201cLooney Tunables\u201d \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-4911, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 ld.so - \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0438 
\u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442 \u0440\u0430\u0437\u0434\u0435\u043b\u044f\u0435\u043c\u044b\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u043c\u0438 \u0444\u0430\u0439\u043b\u0430\u043c\u0438.\n\n\u2757\ufe0f \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 12 \u043b\u0435\u0442 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0438\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b, \u043a\u0430\u043a Ubuntu, Debian, Fedora \u0438 Red Hat. \u0412 \u0441\u0435\u0442\u0438 \u0443\u0436\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c root-\u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u2757\ufe0f \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 GNU C Library \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443. 
\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Linux \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0438\u0437\u0431\u0435\u0433\u0430\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n#Linux #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #LooneyTunables @SecLabNews", "creation_timestamp": "2023-10-06T14:01:56.000000Z"}, {"uuid": "69e3719d-2c54-4e86-a608-ad72b15aae28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9136", "content": "#exploit\n1. MSIFortune - LPE with MSI Installers\nhttps://badoption.eu/blog/2023/10/03/MSIFortune.html\n\n2. CVE-2023-38743:\nManageEngine ADManager Command Injection\nhttps://github.com/PetrusViet/CVE-2023-38743\n\n3. IOS 17 Crash Exploit\nhttps://github.com/RapierXbox/ESP32-Sour-Apple\n\n4. 
CVE-2023-4911:\n\"Looney Tunables\"\nLPE in the glibc's ld*so\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n]-> https://github.com/RickdeJager/CVE-2023-4911", "creation_timestamp": "2023-10-06T06:39:32.000000Z"}, {"uuid": "2c110ce5-3210-4d95-a9b4-d295ca62fb26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4911", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1295", "content": "Local Privilege Escalation in the glibc's ld.so (CVE-2023-4911)\n\nhttps://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt\n\nPOC: https://github.com/leesh3288/CVE-2023-4911\n\n#expdev #linux #lpe #Alexs3y", "creation_timestamp": "2024-08-16T08:32:34.000000Z"}]}