News Items
Security News, Business News - Nov 07, 2017
Title: mail-filter/assp root privilege escalation by user-owned daemonAuthor: Michael OrlitzkyFixedin: noneSummaryAll versions of the Gentoo mail-filter/assp package allow the local unprivileged assp user to gain root by modifying the /usr/share/assp/assp.pl script, which is launched as root by its...
Security News, Business News - Nov 06, 2017
Title: net-misc/vde root privilege escalation via OpenRC service scriptAuthor: Michael OrlitzkyFixedin: version 2.3.2-r4, commits 487449d and 26fdd48SummaryThe Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the qemu group to gain root by creating a hard link in a directory...
Security News, Business News - Oct 27, 2017
Title: dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev-db/mysql-cluster, and dev-db/mariadb-galera root privilege escalation via chown in ebuild phase functionsAuthor: Michael OrlitzkyFixedin: commits 5a4dfd9, 40984ff, and b19f619SummaryRecent versions of dev-db/mariadb and all consumers of...
Security News, Business News - Sep 25, 2017
Title: app-admin/logstash-bin root privilege escalation via init scriptAuthor: Michael OrlitzkyFixedin: versions 5.5.3 and 5.6.1, commits bbd6cb3 and 18f97c8SummaryThe Gentoo app-admin/logstash-bin package before version 5.5.3 allows its local unprivileged user to gain root by creating a hard link i...
Security News, Business News - Sep 21, 2017
Title: P3Scan privilege escalation via PID file manipulationAuthor: Michael OrlitzkyFixedin:SummaryThe p3scan daemon creates its PID file after dropping privileges to a non-root user. That may be exploited (through init scripts or other management tools) by the unprivileged user to kill root process...
Security News, Business News - Sep 20, 2017
Title: Kannel privilege escalation via PID file manipulationAuthor: Michael OrlitzkyFixedin:SummaryThe Kannel daemons create their PID files after dropping privileges to a non-root user. That may be exploited (through init scripts or other management tools) by the unprivileged user to kill root proc...
Security News, Business News - Sep 15, 2017
Title: Gentoo dev-python/flower privilege escalation via PID file manipulationAuthor: Michael OrlitzkyFixedin:SummaryThe Gentoo dev-python/flower package before 0.9.1 gives ownership of its PID file directory to the daemon's runtime user. That can be exploited by the runtime user to kill root proces...
Security News, Business News - Sep 15, 2017
Title: Gentoo sci-mathematics/gimps root privilege escalation via init scriptAuthor: Michael OrlitzkyFixedin:SummaryThe Gentoo sci-mathematics/gimps package before 28.10-r1 allows local users to gain root privileges by creating a hard link under /var/lib/gimps, because an unsafe chown -R command is...
Business News ( Hunt Valley, Maryland ) - Sep 14, 2017
The Baltimore Business Journal (BBJ) ranks Metro Data, Inc. as one of 2016's Top-50 "Veteran Owned Businesses" in the Baltimore region as published in the September 8-14, 2017 Newspaper.  About the Baltimore Business JournalThe Baltimore Business Journal, where you'll find the latest...
Security News, Business News - Sep 11, 2017
Title: Nagios core root privilege escalation via insecure permissionsAuthor: Michael OrlitzkyFixedin:SummaryNagios installs two sets of files with insecure permissions: after installation, the executables and the configuration files are all owned by the same unprivileged user and group (typically, n...

Pages

Under no circumstances should you send an email to ackbar@viabit.com .

Managed I.T. Services

The difference with our "Metro Manage I.T." model is that we proactively monitor your systems and keep them up-to-date and healthy.  

Read More

Hardware Sales & Support

Whether you're in need of computer support, networking monitoring, hardware or software, Metro Data is the one-stop solution for all of your business and corporate technology needs.

Read More

Email Hosting and Filtering

We offer filtering services to stop the constant flow of junk mail before it ever makes it into your inbox. Let Metro Data be your one stop shop for all your I.T. needs!

Read More

Partnerships
Dell Technologies - Authorize Partner
Linux
Lenovo Business Partner
Microsoft Partner
Cisco Systems Partner