Linux Root Shell Hack | CVE-2016-4484: Cryptsetup Initrd root Shell

A hacker with little more than a minute can bypass the authentication procedures on some Linux systems just by holding down the Enter key for around 70 seconds.
The result? The act grants the hacker a shell with root privileges, which allows them to gain complete remote control over encrypted Linux machine.
The security issue relies due to a vulnerability (CVE-2016-4484) in the implementation of the Cryptsetup utility used for encrypting hard drives via Linux Unified Key Setup (LUKS), which is the standard implementation of disk encryption on a Linux-based operating system.

Source:http://bit.ly/2fYb4xB

http://bit.ly/2fGbqpI

http://bit.ly/2fY1aMD

Leave a Reply

Your email address will not be published. Required fields are marked *