Microsoft released an out-of-band update yesterday that fixes two critical vulnerabilities – The Internet Explorer remote code execution vulnerability (CVE-2019-1367) and Microsoft Defender Denial of Service Vulnerability (CVE-2019-1255). According to the Microsoft advisory CVE-2019-1367, the Internet Explorer scripting engine vulnerability has been exploited in active attacks in the wild. Users are advised to manually update … Continue reading “Microsoft Released Out-of-Band Security Updates”
Citrix SD-WAN Center and NetScaler SD-WAN Center Multiple Security Vulnerabilities
Recently, multiple vulnerabilities have been identified in the management console of the Citrix SD-WAN Center, NetScaler SD-WAN Center, Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance. The vulnerabilities exist because affected product fails to sanitize certain HTTP request parameter values, which are used to construct a shell command. This would allow an attacker to execute arbitrary … Continue reading “Citrix SD-WAN Center and NetScaler SD-WAN Center Multiple Security Vulnerabilities”
Microsoft Windows Local Privilege Escalation Vulnerability CVE-2019-1253
Summary: September MSPT has come with a local privilege-escalation vulnerability in Microsoft Windows. Description: Windows AppX Deployment Server improperly handles junctions resulting into privilege escalation. An attacker would first have to gain execution on the victim system, aka ‘Windows Elevation of Privilege Vulnerability‘ to exploit this vulnerability, A Poc is available that demonstrates on Microsoft … Continue reading “Microsoft Windows Local Privilege Escalation Vulnerability CVE-2019-1253”
Grandnode Path Traversal Arbitrary file download vulnerability
Summary: A path traversal vulnerability has been reported in Grandnode. LetsEncryptController.cs in the Index action method is the vulnerable component., via which the server access the token validation URL, without authentication. Description: Grandnode is an open-source eCommerce solution powered by .NET Core 2.2, supporting Windows, Linux and Mac operating systems. LetsEncryptController.cs method is used in … Continue reading “Grandnode Path Traversal Arbitrary file download vulnerability”
Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)
Cisco published an update for Cisco IOS XE operating system to patch a critical vulnerability that could allow a remote attacker to bypass authentication on devices running an outdated version of Cisco REST API virtual service container. The security issue is tracked as CVE-2019-12643 and has received a maximum severity rating score of 10 based … Continue reading “Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability – (CVE-2019-12643)”
Webmin Remote Code Execution Vulnerability
Webmin version 1.882 to 1.921 is vulnerable to Unauthenticated Remote Code Execution Vulnerability. This vulnerability exists in the reset password function that allows a malicious attacker to execute malicious code due to lack of input validation. The targets which have the setting “user password change enabled” are exploitable. This vulnerability has been assigned CVE-2019-15107. Vulnerability … Continue reading “Webmin Remote Code Execution Vulnerability”
Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch
In the August 2019 Patch Tuesday release, Microsoft disclosed 7 RDP Vulnerabilities, out of which 4 are labeled as critical and 3 as important. All the critical vulnerabilities exist in Remote Desktop Services – formerly known as Terminal Services – and do not require authentication or user interaction. To exploit the vulnerabilities, an attacker would need to … Continue reading “Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch”
LibreOffice Code Execution Vulnerability CVE-2019-9848
Format VideoSummary: Recently, LibreOffice have been reported with a remote code execution vulnerability. The LibreLogo scripts is the vulnerable component due to which the doc event feature being permitted to execute allows the execution of Python code. Description: A programmable turtle vector graphics script called as LibreLogo comes along LibreOffice product that can be manipulated into … Continue reading “LibreOffice Code Execution Vulnerability CVE-2019-9848”
Drupal Wordspaces Module Access Bypass Vulnerability (SA-CORE-2019-008)
On the 17th of July, an advisory addressing a access bypass vulnerability was made public. This was assigned CVE-2019-6342 by MITRE and the associated security risk was deemed critical by Drupal in SA-CORE-2019-008. Vulnerability Details: An access bypass condition allows an attacker to bypass security restrictions in place to perform certain actions. The vulnerability exists … Continue reading “Drupal Wordspaces Module Access Bypass Vulnerability (SA-CORE-2019-008)”
Atlassian Crowd pdkinstall Remote Code execution CVE-2019-11580
Summary: A remote code execution vulnerability has been reported in Atlassian Crowd and Crowd Data Center. The vulnerability is due to pdkinstall development plugin is incorrectly enabled in release builds. Description: Atlassian Crowd, a user management application for access control for Active Directory (AD), Lightweight Directory Access Protocol (LDAP)OpenLDAP and Microsoft Azure AD. A remote, … Continue reading “Atlassian Crowd pdkinstall Remote Code execution CVE-2019-11580”
