A vulnerability that affects GRUB2 versions from 1.98 (December, 2009) to 2.02 (December, 2015) has been found.
This vulnerability can be exploited under certain circumstances allowing an attacker to take control over a computer even if the passwords are hashed.
The attacker can bypass any type of authentication by only pressing the Back Button 28 times!
How to patch this vulnerability:
Run this commands and the vulnerability will be gone.
Source: http://adf.ly/1Tf6JY
This vulnerability can be exploited under certain circumstances allowing an attacker to take control over a computer even if the passwords are hashed.
The attacker can bypass any type of authentication by only pressing the Back Button 28 times!
How to patch this vulnerability:
$ git clone git://git.savannah.gnu.org/grub.git grub.git
$ cd grub.git
$ wget http://hmarco.org/bugs/patches/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
$ git apply 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
Run this commands and the vulnerability will be gone.
Source: http://adf.ly/1Tf6JY
No hay comentarios:
Publicar un comentario