For 2020, June’s Patch Tuesday, Microsoft published Advisories addressing Multiple Vulnerabilities in Microsoft Windows Defender. CVE-2020-1163 and CVE-2020-1170 was assigned to these vulnerabilities. Microsoft Windows Defender Microsoft Defender is an anti-malware component of Microsoft Windows, designed to protect computers from viruses, spyware and other forms of malware. CVE-2020-1163 and CVE-2020-1170 An elevation of privilege vulnerability … Continue reading “Microsoft Windows Defender Elevation of Privilege Vulnerability”
Author: Neelam Kadbane
Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack
Treck IP stack implementations for embedded systems are affected by multiple zero-day vulnerabilities. Total 19 vulnerabilities in a widely used low-level TCP/IP software library developed by Treck, Inc have been discovered by the JSOF research lab, who calls them Ripple20. Treck TCP/IP Stack Treck IP network stack is designed for and used in a variety of embedded systems. The software is often licensed and integrated … Continue reading “Ripple20: Multiple Zero Day Vulnerabilities in Treck TCP/IP stack”
VMware Cloud Director Remote Code Execution Vulnerability
On May 19,2020 VMware released an advisory to address Remote Code Execution vulnerability in VMware Cloud Director. CVE-2020-3956 has assigned to track this vulnerability. vCloud Director VMware Cloud Director (formerly known as vCloud Director) is a popular deployment, automation, and management software that’s used to operate and manage cloud resources, allowing businesses to data centers distributed … Continue reading “VMware Cloud Director Remote Code Execution Vulnerability”
VMware vCenter Server Sensitive Information Disclosure Vulnerability
On 9th April 2020,VMware has released an advisory VMSA-2020-0006 to addressed a critical information disclosure vulnerability. CVE-2020-3952 has been assigned. Vulnerability would be exploited by attackers to compromise vCenter Server or other services that use the Directory Service (vmdir) for authentication. vCenter Server provides a centralized platform for controlling VMware vSphere environments, it helps manage … Continue reading “VMware vCenter Server Sensitive Information Disclosure Vulnerability”
PRTG Network Monitor Information-Disclosure Vulnerability
Today We will exploit a simple but Important Vulnerability in PRTG Network Monitor. It is the most commonly used software for the monitor and classify system conditions like bandwidth usage or uptime and collect statistics from miscellaneous hosts as switches, routers, servers and other devices and applications. PRTG released a Patch fixing a vulnerability that … Continue reading “PRTG Network Monitor Information-Disclosure Vulnerability”
VMware Workstation and Fusion Guest-to-Host Escape Vulnerability
VMware issued a Security Advisory for Guest-to-Host Escape Vulnerability, VMSA-020-0004. VMSA-2020-0004 also includes the other two important vulnerabilities in VMware Horizon Client for Windows and VMRC for Windows, (CVE-2019-5543, CVE-2020-3948) CVE-2020-3947 has assigned to Guest-to Host Escape vulnerability. The vendors labeled it a critical severity bug with a CVSS score of 9.3 What is the … Continue reading “VMware Workstation and Fusion Guest-to-Host Escape Vulnerability”
Microsoft Edge based on Edge HTML Information Disclosure Vulnerability
Microsoft Edge is the most commonly used web browser among the Windows user. It is the default browser in Windows. So, it is not strange if an attacker tries to hack the Commonly used web browser. Vulnerability Details: “An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory.” … Continue reading “Microsoft Edge based on Edge HTML Information Disclosure Vulnerability”
Ajenti server exposed by RCE bug
Hi again, Today we are going to exploit Ajenti servers xD…. which are already exposed by RCE vulnerability. For starters, let me give you Google wiki introduction of Ajenti server, Ajenti is an open-source, web-based control panel that can be used for a large variety of server management tasks. On 13th October,19 a command injection … Continue reading “Ajenti server exposed by RCE bug”
RCE vulnerability impacts Nostromo Web Server!
HOLA! I don’t think Professor Dumbledore destroyed the Resurrection Stone ツ It seems Nostromo possessed the stone all this time. Oh yes, I’m serious. If not, then how can you explain the return of this RCE Vulnerability!? Let’s have a look. In 2011, Nostromo web servers were affected by a directory traversal vulnerability leading to … Continue reading “RCE vulnerability impacts Nostromo Web Server!”
Check Point ZoneAlarm Local Arbitrary Code Execution
We have recently tested the old vulnerability in Check Point ZoneAlarm Free Firewall and Check Point ZoneAlarm Free Antivirus + Firewall. Check Point ZoneAlarm is prone to a local arbitrary code-execution vulnerability (CVE-2018-8790). ZoneAlarm exposes a Windows Communication Foundation (WCF) interface that can allow a local low privileged user to execute arbitrary code as SYSTEM. … Continue reading “Check Point ZoneAlarm Local Arbitrary Code Execution”