Google Chrome Exploit in wild

Trick or Treat! Treat it is xD Rather than live in dread of Trick, Google chrome decided to treat its user with the Latest Chrome Update on Halloween Eve. But this twitchiness is not because of ghosts or goblins, the thought of Security breach gave Google the cold sweat. What you need to know On … Continue reading “Google Chrome Exploit in wild”

Nginx + PHP 7 Remote Code Execution Vulnerability

On October 24th2019, PHP released updates to address a remote code execution vulnerability. The vulnerability allows an attacker to run arbitrary commands on a vulnerable server by a specially crafted URL. This issue is tracked with CVE-2019-11043. Vulnerability Analysis: The vulnerability resides in the “env_path_info” underflow in PHP-FPM . It contains pointer arithmetics that assumes that … Continue reading “Nginx + PHP 7 Remote Code Execution Vulnerability”

SUDO Security Policy Bypass Vulnerability

Sudo is one of the most important and widely used core command that allows a permitted user to execute a command as the superuser or with other user privileges. It is basically used to allow unprivileged users to execute commands as root. Summary: The vulnerability found in sudo security policy bypass issue that could allow … Continue reading “SUDO Security Policy Bypass Vulnerability”

Vbulletin remote code execution vulnerability

Summary: vBulletin 5.x are prone to remote code execution vulnerability. (CVE-2019-16759). It can be exploited without authentication and takes control of web hosts. Description: vBulletin is a proprietary Internet forum software package sold by MH Sub I, LLC doing business as vBulletin. It uses PHP and uses a MySQL database server. A pre-authentication remote code … Continue reading “Vbulletin remote code execution vulnerability”

Atlassian Jira Server SSRF Vulnerability

Atlassian Jira Server is vulnerable to Server Side Request Forgery (SSRF). The vulnerability affects Jira Core and Jira Software versions 7.6.0 prior to 8.4.0. CVE 2019–8451 has been assigned to track this vulnerability. Thousands of Jira Servers are potentially affected by this vulnerability. Vulnerability Details: The vulnerability was found in the Atlassian Jira /plugins/servlet/gadgets/makeRequest resource … Continue reading “Atlassian Jira Server SSRF Vulnerability”

Microsoft Released Out-of-Band Security Updates

Microsoft released an out-of-band update yesterday that fixes two critical vulnerabilities – The Internet Explorer remote code execution vulnerability (CVE-2019-1367) and Microsoft Defender Denial of Service Vulnerability (CVE-2019-1255). According to the Microsoft advisory CVE-2019-1367, the Internet Explorer scripting engine vulnerability has been exploited in active attacks in the wild. Users are advised to manually update … Continue reading “Microsoft Released Out-of-Band Security Updates”

Citrix SD-WAN Center and NetScaler SD-WAN Center Multiple Security Vulnerabilities

Recently, multiple vulnerabilities have been identified in the management console of the Citrix SD-WAN Center, NetScaler SD-WAN Center, Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance. The vulnerabilities exist because affected product fails to sanitize certain HTTP request parameter values, which are used to construct a shell command. This would allow an attacker to execute arbitrary … Continue reading “Citrix SD-WAN Center and NetScaler SD-WAN Center Multiple Security Vulnerabilities”

Microsoft Windows Local Privilege Escalation Vulnerability CVE-2019-1253

Summary: September MSPT has come with a local privilege-escalation vulnerability in Microsoft Windows. Description: Windows AppX Deployment Server improperly handles junctions resulting into privilege escalation. An attacker would first have to gain execution on the victim system, aka ‘Windows Elevation of Privilege Vulnerability‘ to exploit this vulnerability, A Poc is available that demonstrates on Microsoft … Continue reading “Microsoft Windows Local Privilege Escalation Vulnerability CVE-2019-1253”

Grandnode Path Traversal Arbitrary file download vulnerability

Summary: A path traversal vulnerability has been reported in Grandnode. LetsEncryptController.cs in the Index action method is the vulnerable component., via which the server access the token validation URL, without authentication. Description: Grandnode is an open-source eCommerce solution powered by .NET Core 2.2, supporting Windows, Linux and Mac operating systems. LetsEncryptController.cs method is used in … Continue reading “Grandnode Path Traversal Arbitrary file download vulnerability”

Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)

Cisco published an update for Cisco IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of Cisco REST API virtual service container. The security issue is tracked as CVE-2019-12643 and has received a maximum severity rating score of 10 based … Continue reading “Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)”