Proftpd (<= pre6) linux ppc remote exploit.

The Linux kernel failed to properly initialize some entries the proto_ops struct for several protocols, leading to NULL being derefenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4

Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privsec. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default.

This Metasploit module exploits a vulnerability in the FreeBSD kernel, when running on 64-bit Intel processors. By design, 64-bit processors following the X86-64 specification will trigger a general protection fault (GPF) when executing a SYSRET instruction with a non-canonical address in the RCX register. However, Intel processors check for a non-canonical address prior to dropping privileges, causing a GPF in privileged mode. As a result, the current userland RSP stack pointer is restored and executed, resulting in privileged code execution.

This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor (rtld). The rtld unsetenv() function fails to remove LD_* environment variables if __findenv() fails. This can be abused to load arbitrary shared objects using LD_PRELOAD, resulting in privileged code execution.

Slackware Security Advisory - New proftpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

•An in silico clinical trial is underway with the 3DEXPERIENCE platform to evaluate the Living Heart simulated 3D heart for transforming how new devices can be tested •Five-year extension of their collaborative research agreement aims to spur medical device innovation by enabling innovative, new product designs •Both Dassault Systèmes and the FDA recognize the transformative impact of modeling and simulation on public health and patient safety

•Dassault Aviation will rely on six Dassault Systèmes industry solution experiences to integrate business processes, improve performance and reduce costs •Deployment marks next step in Dassault Aviation’s digital transformation plan through a platform approach, launched in 2018 •Dassault Systèmes’ 3DEXPERIENCE platform will power artificial intelligence-based application for intelligent enterprise services