Windows Win32k Elevation of Privilege Vulnerability: CVE-2018-8589

An elevation of privilege vulnerability has been disclosed in the Windows OS. The issue affects Windows 7 and Server 2008 (R2), both core and non-core versions. CVE-2018-8589 has been assigned to track this vulnerability. Microsoft addressed this issue in the November 2018 patch release. However, a patched target may still crash (BSOD) if the exploit is triggered. For exploiting …

Cisco ASA and Cisco FTD Software Denial of Service Vulnerability: CVE-2018-15454

A vulnerability in the handling of Session Initiation Protocol (SIP) traffic by Cisco devices has been disclosed. CVE-2018-15454 has been assigned to track this vulnerability. Cisco has released advisory cisco-sa-20181031-asaftd-sip-dos to address this issue and has rated it as high priority. The vulnerability affects a range of Cisco products if SIP inspection is enabled. …

BLEEDINGBIT Vulnerability

Two critical vulnerabilities have been discovered in BLE (Bluetooth Low Energy) chips manufactured by Texas Instruments (TI). The vulnerabilities have been named BLEEDINGBIT. As these vulnerabilities affect the BLE chips, any device using said hardware is a potential target for exploitation. The following CVEs have been assigned to track the BLEEDINGBIT vulnerabilities: BLEEDINGBIT RCE vulnerability (CVE-2018-16986), BLEEDINGBIT …

Oracle WebLogic Server XML External Entity Vulnerability (CVE-2018-3246)

Oracle has addressed several WebLogic Server vulnerabilities this Patch Tuesday. In this post we will discuss one of the critical vulnerabilities, CVE-2018-3246. It is an XML External Entity (XXE) vulnerability that affects Oracle WebLogic Server versions 12.1.3.0 and 12.2.1.3. Vulnerability Analysis: The vulnerability exists in a component that allows users to upload configuration files in an XML …

Cisco Webex Update Service Command Injection Vulnerability: CVE-2018-15442

A command injection vulnerability has been disclosed in Cisco Webex. Upon successful exploitation, an attacker can execute arbitrary commands on the target machine. The vulnerability has been assigned CVE-2018-15442 and has been named ‘WebExec’. Cisco has addressed this issue in cisco-sa-20181024-webex-injection. The issue affects all Cisco Webex Meetings Desktop App releases prior to 33.6.0. …

Authentication bypass in libssh server: CVE-2018-10933

libssh is an open source framework in C that implements the SSHv2 protocol. Users can execute programs remotely, transfer files, build secure tunnels, etc. An authentication bypass vulnerability was found in the server-side implementation of libssh. All versions of libssh from 0.6 and above are vulnerable. CVE-2018-10933 has been assigned to track this issue. The vulnerability …

Microsoft Edge Remote Code Execution Vulnerability

A remote code execution vulnerability exists because Windows Shell improperly handles URIs. Upon successful exploitation an attacker can achieve remote code execution via the Microsoft Edge browser. CVE-2018-8495 has been assigned to track this vulnerability. An attacker can leverage the vulnerability by abusing URI schemes and VBS script in Windows that can run with user-defined …

Integer Overflow in create_elf_tables(): CVE-2018-14634

An integer overflow vulnerability has been disclosed by Qualys Research Labs. The vulnerability is assigned CVE-2018-14634. The issue affects kernels with commit b6a2fea39318 without da029c11e6b1. Red Hat Enterprise Linux and CentOS are vulnerable. Upon successful exploitation, a local attacker can gain root privileges on the target machine. A PoC is available online. Red Hat has addressed this …

Microsoft Windows Jet Database Engine Out-Of-Bounds Write Vulnerability: CVE-2018-8423

An out-of-bounds write vulnerability was disclosed to Microsoft. The issue affects the Microsoft JET Database Engine. Upon successful exploitation, an attacker can gain code execution (in the current process context) on the target machine. To trigger this vulnerability, the target user needs to open a crafted file containing data stored in JET database format. Many Windows applications use the …

OpenSSH User name Enumeration Vulnerability: CVE-2018-15473

OpenSSH is vulnerable to a user enumeration attack. The issue affects all versions through 7.7. The vulnerability is tracked via CVE-2018-15473. Upon successful exploitation, an attacker can test the validity of usernames based on the target server's response. This information can be exploited in various ways depending upon the attacker's resources, capabilities and the target scenario. PoCs exploiting …