    Critical Vulnerability in Ping Utility Allows Hackers to Take Over FreeBSD Systems


    The vulnerability could have been exploited to crash the utility or run arbitrary code.

    The FreeBSD developers have released updates to fix a critical vulnerability in the ping utility, which is tracked as CVE-2022-23093 and could be used for remote code execution. The flaw is a buffer overflow that occurs while processing incoming ICMP messages. As the FreeBSD developers found out, the pr_pack() function copies the extracted IP and ICMP headers into stack buffers for further processing, but it does not take into account that additional extended headers may be present in the packet after the IP header. If they are present, pr_pack() will overwrite up to 40 bytes on the stack.
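
A bounds-checked form of the header handling described above, as an added example (not FreeBSD's pr_pack() or its patch): the header length field is validated and used only as an offset, so extra header bytes are skipped and only fixed-size copies reach the fixed-size buffers. The struct, the function names and the constructed datagram in demo() are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IP_MIN_HLEN 20   /* IPv4 header without extra header bytes */
#define ICMP_HLEN    8

struct parsed_reply {              /* hypothetical result type */
    uint8_t ip[IP_MIN_HLEN];       /* fixed part of the IP header only */
    uint8_t icmp[ICMP_HLEN];
    size_t  opt_len;               /* extra header bytes skipped, never copied */
};

/* Header length announced by the packet, or 0 if the value is
 * impossible or larger than the bytes actually received. */
static size_t ip_header_len(const uint8_t *p, size_t avail)
{
    if (avail < IP_MIN_HLEN || (p[0] >> 4) != 4)
        return 0;
    size_t hlen = (size_t)(p[0] & 0x0f) * 4;   /* at most 60 bytes */
    if (hlen < IP_MIN_HLEN || hlen > avail)
        return 0;
    return hlen;
}

/* Returns 0 on success, -1 on a bad IP header, -2 on a truncated ICMP header. */
int parse_icmp_reply(const uint8_t *pkt, size_t len, struct parsed_reply *out)
{
    size_t hlen = ip_header_len(pkt, len);
    if (hlen == 0)
        return -1;
    if (len - hlen < ICMP_HLEN)
        return -2;
    /* Copy sizes are constants matching the destinations; the
     * sender-controlled hlen only selects where the ICMP header starts. */
    memcpy(out->ip, pkt, sizeof(out->ip));
    memcpy(out->icmp, pkt + hlen, sizeof(out->icmp));
    out->opt_len = hlen - IP_MIN_HLEN;
    return 0;
}

/* Constructed sample datagram: marks the ICMP code byte with 0x2a, then parses. */
int demo(unsigned ihl_words, size_t total_len, struct parsed_reply *out)
{
    uint8_t pkt[128] = {0};
    unsigned ihl = ihl_words & 0x0f;
    pkt[0] = (uint8_t)(0x40 | ihl);
    pkt[ihl * 4 + 1] = 0x2a;
    return parse_icmp_reply(pkt, total_len, out);
}
```
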

    Successful exploitation of the vulnerability could cause the utility to malfunction and also allow a remote hacker to execute arbitrary code with root privileges. This works because ping uses raw sockets to send and receive ICMP messages and runs with elevated privileges (the utility comes with the setuid root flag).

    According to the FreeBSD maintainers, the threat from CVE-2022-23093 is greatly reduced by the fact that ping runs in a system call isolation state, which makes it difficult to access the system after exploiting the vulnerability.

    All existing versions of FreeBSD are known to be affected by the vulnerability. The fix is included in the 13.1-RELEASE-p5, 12.4-RC2-p2 and 12.3-RELEASE-p10 updates.

    Author DeepWeb