A team of researchers has disclosed the details of the timing vulnerability named Raccoon attack in TLS 1.2 and earlier versions. This is a server-side vulnerability that exploits a TLS specification side-channel. Successful exploitation of the vulnerability could lead an attacker to break the encryption and read sensitive communication. In a paper published by Raccoon, … Continue reading “OpenSSL Raccoon Vulnerability”
Author: Pallavi Pangavhane
Slack Remote Code Execution Vulnerability
Overview A critical remote code execution vulnerability was found in the Slack desktop application. Successful exploitation of this vulnerability gives attacker full control over the Slack desktop app and access to private channels, conversations, passwords, tokens, keys etc. Oskarsv, the security researcher who reported the vulnerability says “With any in-app redirect – logic/open redirect, HTML … Continue reading “Slack Remote Code Execution Vulnerability”
Jenkins Server Memory Corruption Vulnerability (CVE-2019-17638)
Overview Jenkins recently released updates for the critical memory corruption vulnerability (CVE-2019-17638) in the Jetty web server. Successful exploitation of this vulnerability may allow unauthenticated users to obtain sensitive information through HTTP response headers. Jenkins is typically run as a standalone application in its own process with the built-in Java servlet container or application server … Continue reading “Jenkins Server Memory Corruption Vulnerability (CVE-2019-17638)”
Google Chrome CSP Bypass Vulnerability (CVE-2020-6519)
Overview A Content Security Policy bypass vulnerability (CVE-2020-6519) exists in Google’s Chromium-based browsers, which could allow attackers to steal data and execute arbitrary codes. Content Security Policy (CSP) is a set of rules that helps detect which content sources can be trusted and which ones should be blocked. CSP helps detect and mitigate certain types of … Continue reading “Google Chrome CSP Bypass Vulnerability (CVE-2020-6519)”
Wing FTP Server Remote Code Execution Vulnerability
Overview: Recently, an authenticated RCE vulnerability was found in the Wing FTP Server. This vulnerability allows authenticated remote attackers to execute arbitrary commands on the targeted server. On Shodan, we observed more than 150 devices that are publicly available on the internet, which may be vulnerable. … Continue reading “Wing FTP Server Remote Code Execution Vulnerability”
Spring Cloud Config Directory Traversal Vulnerability(CVE-2020-5410)
Overview On June 2020, VMware published a report to address Directory Traversal vulnerability (CVE-2020-5410), found in VMware Spring Cloud Config. This product provides server and client-side support for storing and serving distributed configurations across multiple applications and environments. With this config server, customers have a central place for managing external properties of all the applications. … Continue reading “Spring Cloud Config Directory Traversal Vulnerability(CVE-2020-5410)”
F5 BIG-IP Remote Code Execution Vulnerability(CVE-2020-5902)
Overview: F5 Networks recently released updates for the critical RCE vulnerability (CVE-2020-5902) that affects its BIG-IP products. The vulnerability that has been actively exploited in the wild allows attackers to read files, execute code or take complete control over vulnerable systems having network access. The vulnerability has a CVSS score of 10. F5 Networks specializes … Continue reading “F5 BIG-IP Remote Code Execution Vulnerability(CVE-2020-5902)”
Docker Desktop Privilege Escalation Vulnerability(CVE-2020-10665)
Overview: An active privilege escalation vulnerability was observed in Docker Desktop application. This vulnerability is assigned as CVE-2020-10665 and the research credits belongs to ACTIVELabs team. Successful exploitation leads to local elevation of privilege to NT AUTHORITY\SYSTEM. Docker Desktop for Windows is an easy-to-install application that enables you to build and share containerized applications and … Continue reading “Docker Desktop Privilege Escalation Vulnerability(CVE-2020-10665)”
Microsoft Windows Privilege Escalation Vulnerability(CVE-2020-1054)
Overview: On May 2020, Microsoft has fixed an Out of Bound Write vulnerability CVE-2020-1054, found in the DrawIconEx function of windows driver file. The bug was reported by CheckPoint Security Researcher Yoav Alon and Netanel Ben-Simon. Vulnerability occurs due to the Windows kernel-mode driver fails to properly handle objects in memory. This flaw allows local … Continue reading “Microsoft Windows Privilege Escalation Vulnerability(CVE-2020-1054)”
Mozilla Firefox, Firefox ESR, and Thunderbird Security Updates
Overview: Mozilla has released a security advisory to address multiple vulnerabilities. By exploiting these vulnerabilities, an attacker could take control of a vulnerable system. In this security updates, Mozilla addressed total 8 vulnerabilities in Firefox, Firefox ESR, and Thunderbird. Out of 8, five vulnerabilities flagged as High, one rated as Moderate, two rated as Low in severity. Timing … Continue reading “Mozilla Firefox, Firefox ESR, and Thunderbird Security Updates”