Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks

Overview: Microsoft released out-of-band updates today that fix seven critical vulnerabilities in Microsoft Exchange Server. According to the Microsoft Security Response Center, four of these seven vulnerabilities are being used in limited and targeted attacks against on-premises versions of Microsoft Exchange Server. Description: Today Microsoft released several security updates for Microsoft Exchange Server to address …

PAN-OS Multiple Vulnerabilities

On November 11, 2020, Palo Alto Networks released advisories addressing several vulnerabilities in PAN-OS. These vulnerabilities are of High and Medium severity. About the security bugs: CVE-2020-2048: System proxy passwords may be logged in clear text while viewing system state. This issue is addressed in PAN-140157. An information disclosure through log file vulnerability exists where the …

Google Fixes Second Chrome Zero Day

Google released an update today for its Chrome web browser that patches ten security bugs. Google confirmed that the “stable channel” desktop Chrome browser is being updated to version 86.0.4240.183 across Windows, Mac, and Linux platforms. About the security bugs: The Chrome team has issued updates for several security fixes. Among these security bugs, 7 …

SonicWall VPN Portal Buffer Overflow Vulnerability (CVE-2020-5135)

Overview: On 14th October 2020, Tripwire VERT published its finding of a stack-based buffer overflow in SonicWall Network Security Appliance (NSA). An unauthenticated HTTP request via a custom protocol handler can exploit this vulnerability. Security researcher Craig Young reported this vulnerability. Description: A persistent Denial of Service (DoS) condition and potentially arbitrary code execution are possible by sending a crafted HTTP request to the SonicOS firewall. The vulnerability can be exploited without authentication and insecure SSLVPN that is exposed …

Cisco Jabber for Windows Multiple Vulnerabilities (CVE-2020-3495)

Overview: Cisco has addressed four vulnerabilities in Cisco Jabber for Windows. The most critical of these vulnerabilities, CVE-2020-3495, when exploited, allows an attacker to execute arbitrary code via a crafted chat message. Description: Cisco Jabber is an instant messaging and video-conferencing application. Cisco Jabber uses the Chromium Embedded Framework (CEF) to embed a Chromium-based web …

Cisco IOS XR DVMRP Memory Exhaustion Vulnerabilities

Cisco has released a security advisory on multiple memory exhaustion vulnerabilities in Cisco IOS XR devices. These vulnerabilities allow an unauthenticated attacker to exhaust the process memory of an affected device. Vulnerabilities Description: Distance Vector Multicast Routing Protocol (DVMRP) is a protocol for multicast routing. The vulnerabilities exist in the DVMRP feature of Cisco …

OpenBSD Local Privilege Escalation Vulnerability CVE-2019-19726

Summary: Qualys researchers discovered a local privilege escalation vulnerability in OpenBSD’s dynamic loader (ld.so): this vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges to attackers who have low privileges on the system. Vulnerability: In OpenBSD under low-memory conditions, the “_dl_split_path” function …

OpenBSD Authentication Bypass Vulnerability

Summary: Qualys researchers discovered an authentication-bypass vulnerability (CVE-2019-19521) in OpenBSD’s authentication system. An attacker can exploit this issue by sending a specially crafted username to bypass OpenBSD’s authentication. This vulnerability is remotely exploitable. Vulnerability: OpenBSD uses BSD Authentication, which is made up of a variety of authentication styles. The vulnerability is composed of the following 2 …

Oracle WebLogic Deserialization Remote Code Execution Vulnerability (CNVD-C-2019-48814/CVE-2019-2725)

Oracle WebLogic is an application server used for building and hosting Java EE applications. A highly critical remote code execution vulnerability has been discovered in Oracle WebLogic application servers running the WLS9_ASYNC and WLS-WSAT components. The vulnerability was initially disclosed by the China National Vulnerability Database under the tracker number CNVD-C-2019-48814. Later the vulnerability was assigned to …

Samba Writable Share Remote Code Execution (CVE-2017-7494)

A critical remote code execution vulnerability impacting Samba was announced on Wednesday. The vulnerability exists in the “SMB” protocol, which is similar to “WannaCry”. All versions of Samba from 3.5.0 onwards are affected. The vulnerability allows a malicious client to upload a shared library to a writable share, and then cause the server to load and …