Summary: ‘sudo’ utility allows non-privileged Linux and macOS users to run commands as Root was discovered in recent days, tracked as CVE-2019-18634. Description: A core command utility that is pre-installed on macOS and almost every UNIX or Linux-based operating system, well-known as “Sudo” Sudo’s pwfeedback option can be used to provide visual feedback when the … Continue reading “PWFeedback Buffer Overflow Vulnerability in Sudo (CVE-2019-18634)”
SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability (CVE-2015-2284)
Summary: Solar Winds Firewall Security Manager was observed to be vulnerable, recently. While following up on this we stumbled upon a public exploit for CVE-2015-2284, userlogin.jsp in SolarWinds Firewall Security Manager (FSM) before 6.6.5 HotFix1 allows remote attackers to gain privileges and execute arbitrary code. Description: The vulnerability is a source code disclosure related to the underlying Java application … Continue reading “SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability (CVE-2015-2284)”
OpenBSD OpenSMTPD Remote Command Execution Vulnerability (CVE-2020-7247)
Summary: Recently there was a discovery of vulnerabaility tracked as (CVE-2020-7247) in OpenSMTPD, OpenBSD’s mail server. This vulnerability was exploitable since May 2018 (commit a8e222352f, “switch smtpd to new grammar”) that allows an attacker to execute arbitrary shell commands, as root: >> either locally, in OpenSMTPD’s default configuration (that listens on loopback interface and only … Continue reading “OpenBSD OpenSMTPD Remote Command Execution Vulnerability (CVE-2020-7247)”
Microsoft Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerabilities
Overview: This January Patch Tuesday, Microsoft released patches related to Windows Remote Desktop Gateway (RD Gateway) that address the CVE-2020-0610 and CVE-2020-0609. Microsoft Remote Desktop Gateway (RDG), previously known as Terminal Services Gateway, allows users on public networks to access Windows desktops and applications hosted in cloud environment. The RD Gateway component uses Secure Sockets … Continue reading “Microsoft Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerabilities”
Ricoh Printer Drivers for Windows Local Privilege Escalation Vulnerability (CVE-2019-19363)
Summary: A local privilege escalation vulnerability was observed in Ricoh printer drivers for Windowsdue to insecure file permissions. This was assigned under CVE-2019-19363. Description: Any local user is able to overwrite program library files (DLLs) with own code as file permissions of file system entries are improperly set while a printer is added to the … Continue reading “Ricoh Printer Drivers for Windows Local Privilege Escalation Vulnerability (CVE-2019-19363)”
Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)
Summary: Recent Internet Explorer has been observed with zero-day remote code execution vulnerability attacks. To address Microsoft’s Internet Explorer (IE) web browser RCE vulnerability CVE-2020-0674 Microsoft published an advisory ADV200001. Description: jscript.dll is the vulnerable component for IE 11, and moderate for IE 9 and IE 10. Memory corruption at ease by an attacker leads … Continue reading “Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)”
Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)
Today, Microsoft released patch for CVE-2020-0601, a vulnerability in windows “crypt32.dll” component that could allow attackers to perform spoofing attacks. This was discovered and reported by National Security Agency (NSA) Researchers. The vulnerability affects Windows 10 and Windows Server 2016/2019 systems. This is a serious vulnerability and patches should be applied immediately. An attacker could … Continue reading “Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)”
Ajenti server exposed by RCE bug
Hi again, Today we are going to exploit Ajenti servers xD…. which are already exposed by RCE vulnerability. For starters, let me give you Google wiki introduction of Ajenti server, Ajenti is an open-source, web-based control panel that can be used for a large variety of server management tasks. On 13th October,19 a command injection … Continue reading “Ajenti server exposed by RCE bug”
Citrix Application Delivery Controller (ADC) and Gateway Remote Code Execution Vulnerability
Recently, Citrix has announced a critical vulnerability in the Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability, tracked as CVE-2019-19781, allows an unauthenticated remote attacker to run arbitrary code on the appliances. At this moment, few details regarding the vulnerability have been released. Affected products: Citrix ADC and Citrix Gateway version 13.0 … Continue reading “Citrix Application Delivery Controller (ADC) and Gateway Remote Code Execution Vulnerability”
Microsoft Visual Studio 2008 Express IDE XML Injection Vulnerability (Zero Day)
Summary: Recently, a security researcher disclosed a XML External Entity Injection Zero Day in Microsoft Visual Studio 2008 Express IDE. It can allow remote attackers to grap files from the victims computer, sending them to the remote attackers server. Affected Product:Visual Studio 2008 Express IDE Security Issue:Visual Studio 2008 IDE vulnerable to XML External Entity … Continue reading “Microsoft Visual Studio 2008 Express IDE XML Injection Vulnerability (Zero Day)”
