Infosec WeeklyNov 16, 2016 in #infosec
In the not so distant past, I wrote a short article once per week about some of the more interesting Information Security news items for a tech website. I'm gonna do the same here, it keeps me interested in the news and forces me to think about some of the items critically.
Incorrect Handling of password checking with LUKS
With physical access to a machine that encrypts its rootfs with LUKS, after a set number of failed attempts, it's possible to drop to a root shell on the system. This would allow an attacker to either brute force the encryption passphrase, or make a copy of the drive without having to remove it.
Nginx priv esclation
On debian based systems, the packaged version of nginx had log files owned by root. It is then possible to symlink this file to another abitrary file (through a compromised web application say) so that upon the logs being rotated said file is written to. Via this it's possible to escalate from the www-data to root.home