Adobe Flash Player Zero-Day Vulnerability: CVE-2018-4878
A zero-day vulnerability in Adobe Flash Player has been discovered being exploited in the wild. The bug is a use-after-free in the Flash MediaPlayer DRM management API and can be exploited to achieve remote code execution. CVE-2018-4878 has been assigned to track it. The affected versions are Adobe Flash Player ActiveX …
Author: Deepak Shanker
Cisco ASA AnyConnect/WebVPN Double Free Vulnerability: CVE-2018-0101
A double-free vulnerability has been discovered in the SSL VPN (webvpn) functionality of Cisco ASA devices. It has been assigned CVE-2018-0101. An attacker can exploit it by sending crafted XML packets to the webvpn interface. Successful exploitation can lead to remote arbitrary code execution, a reload of the device or shutdown of the …
Microsoft Office Memory Corruption Vulnerability: CVE-2018-0802
A stack-based buffer overflow in the Microsoft Equation Editor (EQNEDT32.EXE) was disclosed to Microsoft and has been assigned CVE-2018-0802. A similar vulnerability, CVE-2017-11882, was disclosed in the same component in August 2017; it overflowed the stack and executed commands by diverting control to an existing WinExec() call inside the EQNEDT32.EXE code base at a static address, which is reliable because the binary is not randomised. CVE-2018-0802 follows a similar …
Out-of-Order Execution Side-Channel attack [Spectre/Meltdown]
A flaw in the out-of-order (speculative) execution mechanism of modern CPUs allows user-level programs to leak the contents, and thereby the layout, of kernel and process memory through a cache side channel. It can be exploited to bypass KASLR as well as CPU security features such as SMAP, SMEP, NX and PXN, and to break OS process isolation. The issue affects processors from Intel, AMD, ARM, Samsung and …
Embedthis GoAhead Remote Code Execution Vulnerability: CVE-2017-17562
A remote code execution vulnerability has been discovered in the GoAhead web server in versions prior to 3.6.5. The issue stems from the CGI handler letting an HTTP request set environment variables for the CGI scripts it launches, so a client can control variables that the dynamic loader of the CGI process honours. An attacker can exploit this to achieve remote code execution. In this post we will discuss how this vulnerability can be …
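The pattern behind this bug, as an added example in Python rather than GoAhead's own C code: an unfiltered handler that copies request parameters straight into the CGI child's environment, beside a filtered version that exports them only under a fixed prefix so the loader never sees a client-chosen name. The function names, the prefix scheme and the request string are constructed for this example.

```python
from urllib.parse import parse_qsl


def build_cgi_env_unfiltered(query_string, base_env):
    """Vulnerable pattern (constructed): every query parameter becomes an
    environment variable of the CGI child under the client-chosen name.
    Nothing stops a request from supplying LD_PRELOAD or LD_LIBRARY_PATH,
    which ld.so honours when the CGI binary is executed."""
    env = dict(base_env)
    for name, value in parse_qsl(query_string, keep_blank_values=True):
        env[name] = value
    return env


def build_cgi_env_filtered(query_string, base_env):
    """Hardened pattern (assumed design for this example): parameters are
    exported only under a fixed prefix, so no client-chosen name can ever
    collide with a loader- or libc-interpreted variable."""
    env = dict(base_env)
    for name, value in parse_qsl(query_string, keep_blank_values=True):
        if not name.isidentifier():        # reject names that are not plain identifiers
            continue
        env["CGI_PARAM_" + name.upper()] = value
    return env


def loader_controlled(env):
    """Variables the dynamic loader interprets; client control of any of
    them turns 'run a CGI script' into 'load attacker-chosen code'."""
    return sorted(k for k in env if k.startswith("LD_"))


if __name__ == "__main__":
    # Constructed request and base environment.
    qs = "name=index&LD_PRELOAD=/tmp/evil.so"
    base = {"PATH": "/usr/bin", "REQUEST_METHOD": "GET"}
    print("unfiltered:", loader_controlled(build_cgi_env_unfiltered(qs, base)))
    print("filtered:  ", loader_controlled(build_cgi_env_filtered(qs, base)))
```

The prefix approach is preferable to a denylist of `LD_*` names because the loader and libc read other variables too (`MALLOC_*`, `GCONV_PATH`, and so on); an allowlist or a namespace the client cannot escape removes the whole class.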
PAN-OS Remote Root Code Execution: CVE-2017-15944
A remote code execution vulnerability has been discovered in PAN-OS and assigned CVE-2017-15944. By exploiting it an attacker can achieve arbitrary code execution as root. The target is the web-based management interface the device provides for configuration and maintenance. The vulnerable versions are PAN-OS before 6.1.19, 7.0.x before 7.0.19, …
Microsoft Office Memory Corruption Vulnerability: CVE-2017-11882
In August a buffer overflow vulnerability was discovered in the Microsoft Equation Editor (EQNEDT32.EXE) and assigned CVE-2017-11882. As the name suggests, the component is used for inserting and editing equations in MS Office documents. It was compiled without SafeSEH, NX/DEP, ASLR or CFG, all of which protect the machine from a wide …
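Whether an image opts into these mitigations is recorded in the DllCharacteristics field of the PE optional header, so the claim about EQNEDT32.EXE (and about CVE-2018-0802's static WinExec() address above) can be verified from the file alone. The following added Python checker is not from the original post; the helper names and the minimal PE header it builds for testing are constructed for this example. SafeSEH is the one exception: it is signalled by a non-empty SEHandlerTable in the load configuration directory of 32-bit images, which this checker does not parse.

```python
import struct

# IMAGE_DLLCHARACTERISTICS_* bits from the PE/COFF specification.
DLL_HIGH_ENTROPY_VA = 0x0020   # 64-bit ASLR with high-entropy addresses
DLL_DYNAMIC_BASE = 0x0040      # ASLR opt-in
DLL_NX_COMPAT = 0x0100         # DEP/NX opt-in
DLL_GUARD_CF = 0x4000          # Control Flow Guard


def optional_header_offset(pe: bytes) -> int:
    """Return the file offset of the optional header after validating the
    DOS stub, the PE signature and the optional header magic."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4                                   # 20-byte COFF header
    (size_of_optional,) = struct.unpack_from("<H", pe, coff + 16)
    opt = coff + 20
    if size_of_optional < 72 or len(pe) < opt + 72:
        raise ValueError("optional header too short for DllCharacteristics")
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic not in (0x10B, 0x20B):                       # PE32 / PE32+
        raise ValueError("unknown optional header magic 0x%x" % magic)
    return opt


def mitigations(pe: bytes) -> dict:
    """Report the flag-based mitigations an image opts into.
    DllCharacteristics sits at offset 70 for both PE32 and PE32+."""
    opt = optional_header_offset(pe)
    (dll_chars,) = struct.unpack_from("<H", pe, opt + 70)
    return {
        "ASLR": bool(dll_chars & DLL_DYNAMIC_BASE),
        "HighEntropyVA": bool(dll_chars & DLL_HIGH_ENTROPY_VA),
        "DEP": bool(dll_chars & DLL_NX_COMPAT),
        "CFG": bool(dll_chars & DLL_GUARD_CF),
    }


def make_pe_header(dll_characteristics: int, magic: int = 0x10B) -> bytes:
    """Constructed minimal header (DOS stub, PE signature, COFF header and a
    224-byte optional header) carrying only the fields the checker reads.
    Test fixture for this example, not a loadable image."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)           # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)  # i386, 1 section
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_characteristics)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            print(path, mitigations(f.read()))
    # Without arguments, show an image compiled with no opt-ins at all.
    if len(sys.argv) == 1:
        print("no mitigations:", mitigations(make_pe_header(0)))
```

Run it as `python check.py EQNEDT32.EXE` to read the real field; an image with DllCharacteristics of zero, as the post describes, reports every entry False, which is what makes a hard-coded WinExec() address usable across machines.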
Return Of Bleichenbacher Oracle Threat [ROBOT]
ROBOT (Return Of Bleichenbacher's Oracle Threat) is an attack model based on Daniel Bleichenbacher's 1998 chosen-ciphertext attack. Bleichenbacher discovered an adaptive chosen-ciphertext attack against protocols that use RSA with PKCS #1 v1.5 encryption: given an oracle that reveals whether a ciphertext decrypts to a correctly padded plaintext, he demonstrated the ability to perform RSA private-key operations (decryption and signing) without the private key. Researchers have been able to exploit the same vulnerability in current TLS implementations with small variations to the Bleichenbacher attack. Attack Model PKCS #1 v1.5 …
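The core of Bleichenbacher's attack, as an added worked example that is not code from the original post: an oracle that answers only "is the decrypted block PKCS #1 v1.5 conformant", and a client that recovers the whole plaintext from that one bit per query by multiplicative blinding (c · s^e) and interval narrowing. The key, padding and helper names are constructed: two fixed Mersenne primes give a ~150-bit modulus so the run completes in seconds, and the padding is fixed rather than random for determinism; the arithmetic itself does not depend on these choices.

```python
# Toy Bleichenbacher (1998) attack against a PKCS #1 v1.5 padding oracle.
# Constructed key: two Mersenne primes, ~150-bit modulus (never use in practice).
p, q = 2**61 - 1, 2**89 - 1
n, e = p * q, 65537
d = pow(e, -1, (p - 1) * (q - 1))
k = (n.bit_length() + 7) // 8        # modulus length in bytes (19 here)
B = 1 << (8 * (k - 2))               # a conforming block 00 02 ... lies in [2B, 3B)


def pkcs1_pad(msg: bytes) -> int:
    """Encode msg as 00 02 | PS | 00 | msg. PS is fixed here for determinism;
    real implementations use random non-zero bytes (at least 8)."""
    ps = b"\x41" * (k - 3 - len(msg))
    assert len(ps) >= 8, "message too long for this modulus"
    return int.from_bytes(b"\x00\x02" + ps + b"\x00" + msg, "big")


def oracle(c: int) -> bool:
    """Server-side leak: does c decrypt to a correctly padded block? This is
    all the attacker learns per query (ROBOT hosts leak it via differing TLS
    alerts, timing or connection behaviour)."""
    return pow(c, d, n).to_bytes(k, "big")[:2] == b"\x00\x02"


def ceil_div(a: int, b: int) -> int:
    return -(-a // b)


def conforming(c: int, s: int) -> bool:
    """Blinded query: decrypting c * s^e yields m * s mod n."""
    return oracle(c * pow(s, e, n) % n)


def bleichenbacher(c: int) -> int:
    """Recover m = c^d mod n using only conforming(); assumes c itself is
    conforming, so the blinding step (step 1) is trivially s0 = 1."""
    M = {(2 * B, 3 * B - 1)}
    s = ceil_div(n, 3 * B)                       # step 2a: smallest candidate s
    while not conforming(c, s):
        s += 1
    while True:
        new = set()                               # step 3: narrow every interval
        for a, b in M:
            for r in range(ceil_div(a * s - 3 * B + 1, n), (b * s - 2 * B) // n + 1):
                lo = max(a, ceil_div(2 * B + r * n, s))
                hi = min(b, (3 * B - 1 + r * n) // s)
                if lo <= hi:
                    new.add((lo, hi))
        M = new
        if not M:
            raise RuntimeError("oracle answers are inconsistent")
        if len(M) == 1:
            a, b = next(iter(M))
            if a == b:
                return a                          # step 4: interval collapsed to m
        if len(M) > 1:                            # step 2b: keep scanning linearly
            s += 1
            while not conforming(c, s):
                s += 1
            continue
        a, b = next(iter(M))                      # step 2c: one interval, jump via r
        r = ceil_div(2 * (b * s - 2 * B), n)
        while True:
            found = False
            for s in range(ceil_div(2 * B + r * n, b), (3 * B - 1 + r * n) // a + 1):
                if conforming(c, s):
                    found = True
                    break
            if found:
                break
            r += 1


def demo(msg: bytes = b"ROBOT!") -> bytes:
    """Encrypt msg, recover it with the oracle only, and strip the padding."""
    m = pkcs1_pad(msg)
    c = pow(m, e, n)
    recovered = bleichenbacher(c)
    assert recovered == m
    block = recovered.to_bytes(k, "big")
    return block[block.index(b"\x00", 2) + 1:]


if __name__ == "__main__":
    print(demo())
```

The query count grows with n/B, so a real 2048-bit key needs on the order of tens of thousands to millions of oracle queries, which is exactly what the ROBOT research measured against live servers. The countermeasure is not a better error message but removing the oracle: OAEP, or the constant-time PKCS #1 v1.5 handling that TLS 1.2 prescribes (substitute a random premaster secret on padding failure and continue).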
[Zero Day] Memory Leak and Buffer Overflow Vulnerability in GNU C Library Dynamic Loader
Qualys Vulnerability and Malware Research Labs has uncovered two vulnerabilities on Linux, specifically in glibc's dynamic loader (ld.so). CVE-2017-1000408 is a memory leak and CVE-2017-1000409 is a buffer overflow; the overflow is not exploitable if /proc/sys/fs/protected_hardlinks is enabled on the machine. The targets are not vulnerable to either of these if …
Huge Dirty CoW Vulnerability: CVE-2017-1000405
Researchers have found that the patch for the original Dirty CoW (CVE-2016-5195) is incomplete and does not address the transparent huge page case, where a read-only huge page can be marked dirty. The new vulnerability has been assigned CVE-2017-1000405. Like Dirty CoW, the bug allows an unprivileged authenticated local user to gain write access to read-only memory mappings. By …