Mishandling of Debug Exceptions Leading to Elevation of Privilege : CVE-2018-8897

An elevation of privilege attack was discovered in the stack change mechanism in Intel and AMD. On exploitation, an attacker can execute user-level code in kernel context or cause a DoS. The vulnerability resulted from a misinterpretation of the documents describing the stack change process. CVE-2018-8897 has been assigned to track this vulnerability. The researchers …

Internet Explorer VBScript Use-After-Free Vulnerability: CVE-2018-8174

A zero-day vulnerability in VBScript was disclosed to Microsoft. The vulnerability was discovered as an active attack in the wild. The bug is in the VBScript engine used in Windows. It is classified as a Use-After-Free (UAF) vulnerability. CVE-2018-8174 is assigned to track this bug. Currently, attackers are exploiting this vulnerability to execute shellcode and PowerShell …

Oracle WebLogic Deserialization Vulnerability : CVE-2018-2628

A deserialization vulnerability was discovered in Oracle WebLogic Server’s core components. Upon successful exploitation, an attacker can take control of the target server. The exploit targets the server by sending a custom serialized object using the T3 protocol and achieves remote arbitrary code execution. The T3 and T3S (T3 over TLS) protocols are used to exchange data between …

Drupal Critical RCE Patch Release [CVE-2018-7602]

Drupal released a critical update to address CVE-2018-7602. By exploiting the bug, an attacker can gain remote code execution that can compromise the site. The vulnerability affects Drupal 7.x and 8.x. The vulnerability was disclosed by Drupal’s in-house team. A similar bug (CVE-2018-7600) was patched in SA-CORE-2018-002. Both of these vulnerabilities are being exploited in the wild. …

Drupal Critical RCE Patch Release [CVE-2018-7600]

On 21 March 2018, Drupal released a statement that a major vulnerability was reported. They have rated this vulnerability as critical. As per their statement, “exploits might be developed within hours or days”. Due to the severity of the issue, Drupal is releasing patches for unsupported versions as well. CVE-2018-7600 has been assigned to track this issue. Drupal security …

Vulnerabilities in AMD Processors RYZEN and EPYC

Various vulnerabilities have been discovered in AMD’s Zen architecture-based processors, Ryzen and EPYC. Ryzen processors are aimed at workstations, laptops and mobiles, and EPYC is geared towards servers. The vulnerabilities were discovered by CTS-Labs, who claim that attackers can exploit these vulnerabilities to: Inject malicious code into the chip itself. …

Memcached Amplification Attacks

Memcached is a high-performance distributed system for caching. It was designed to improve web application performance by reducing database load. An amplification attack using the memcached protocol was observed in the wild. The attack is carried over UDP port 11211. Amplification attacks require an attacker to forge the IP address of the target and send a …

Qualys Discloses Multiple Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway

Qualys Security Research Team has disclosed multiple vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway. Citrix has addressed these vulnerabilities in CTX232161. The affected versions and CVEs are listed below. CVE(s) Description Product Affected Version : Build CVE-2018-6810 Directory Traversal Vulnerability Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway < 12.0 : 57.19 < 11.1 : …

CouchDB Remote Code Execution Vulnerability

CouchDB is an open source non-SQL database designed for easy data replication. It uses the Couch replication protocol to implement its replication functionality. CouchDB is implemented in Erlang. Two vulnerabilities, CVE-2017-12635 and CVE-2017-12636, were reported in CouchDB; they can be exploited by attackers to achieve remote code execution with admin privileges. CVE-2017-12635: Elevation of privilege. The vulnerability allows non-admin users …

WebLogic WLS Deserialization RCE : CVE-2017-10271

In the month of October 2017, a Java deserialization vulnerability was disclosed to Oracle. The vulnerability is assigned CVE-2017-10271. Oracle has addressed this issue by releasing patches in October. Upon successful exploitation, an attacker can achieve remote code execution without authentication. An attacker sends a custom XML request to the CoordinatorPortType web service; this causes …