Webmin version 1.882 to 1.921 is vulnerable to Unauthenticated Remote Code Execution Vulnerability. This vulnerability exists in the reset password function that allows a malicious attacker to execute malicious code due to lack of input validation. The targets which have the setting “user password change enabled” are exploitable. This vulnerability has been assigned CVE-2019-15107. Vulnerability … Continue reading “Webmin Remote Code Execution Vulnerability”
Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch
In the August 2019 Patch Tuesday release, Microsoft disclosed 7 RDP Vulnerabilities, out of which 4 are labeled as critical and 3 as important. All the critical vulnerabilities exist in Remote Desktop Services – formerly known as Terminal Services – and do not require authentication or user interaction. To exploit the vulnerabilities, an attacker would need to … Continue reading “Windows Remote Desktop Vulnerabilities (Seven Monkeys) – How to Detect and Patch”
LibreOffice Code Execution Vulnerability CVE-2019-9848
Format VideoSummary: Recently, LibreOffice have been reported with a remote code execution vulnerability. The LibreLogo scripts is the vulnerable component due to which the doc event feature being permitted to execute allows the execution of Python code. Description: A programmable turtle vector graphics script called as LibreLogo comes along LibreOffice product that can be manipulated into … Continue reading “LibreOffice Code Execution Vulnerability CVE-2019-9848”
Drupal Wordspaces Module Access Bypass Vulnerability (SA-CORE-2019-008)
On the 17th of July, an advisory addressing a access bypass vulnerability was made public. This was assigned CVE-2019-6342 by MITRE and the associated security risk was deemed critical by Drupal in SA-CORE-2019-008. Vulnerability Details: An access bypass condition allows an attacker to bypass security restrictions in place to perform certain actions. The vulnerability exists … Continue reading “Drupal Wordspaces Module Access Bypass Vulnerability (SA-CORE-2019-008)”
Atlassian Crowd pdkinstall Remote Code execution CVE-2019-11580
Summary: A remote code execution vulnerability has been reported in Atlassian Crowd and Crowd Data Center. The vulnerability is due to pdkinstall development plugin is incorrectly enabled in release builds. Description: Atlassian Crowd, a user management application for access control for Active Directory (AD), Lightweight Directory Access Protocol (LDAP)OpenLDAP and Microsoft Azure AD. A remote, … Continue reading “Atlassian Crowd pdkinstall Remote Code execution CVE-2019-11580”
Atlassian Jira Server Template Injection Vulnerability
Atlassian Jira Server and Data Center is vulnerable to a server-side template injection in various resources. This vulnerability was introduced in version 4.4.x and affects versions as recent as 8.2.2 (released on 13 June 2019). CVE-2019–11581 has been assigned to track this vulnerability. Thousands of Jira Servers are potentially affected by this vulnerability and may … Continue reading “Atlassian Jira Server Template Injection Vulnerability”
Microsoft Windows Privilege Escalation vulnerabilities CVE-2019-1132 & CVE-2019-0880
Summary: In the month of July 2019, MSPT have several vulnerabilities including windows kernel, win32K, unistore.dll, Hyper-V, Windows WLAN service, Windows Audio service, Windows RPCSS, DirectX, windows dnslvr.dll in Microsoft Windows. Out of them two zero days were identified for actively Attacked Privilege Escalation vulnerabilities (CVE-2019-1132 and CVE-2019-0880) in Win32k and splwow64 that have been … Continue reading “Microsoft Windows Privilege Escalation vulnerabilities CVE-2019-1132 & CVE-2019-0880”
Oracle WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2729)
Recently a highly critical remote code execution vulnerability has been discovered in Oracle WebLogic application servers. On June 15, KnownSec 404 Team shared an advisory, according to them, the new vulnerability bypasses the latest Weblogic patch (CVE-2019-2725). An unauthenticated, remote attacker can send a crafted HTTP request to execute arbitrary commands on the Weblogic Servers. … Continue reading “Oracle WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2729)”
Linux Vim and Neovim Modeline Arbitrary Command Execution Vulnerability
A critical command execution vulnerability has been discovered in the Vim and Neovim command-line text editing application. Both applications come preinstalled on a majority of Linux based OS systems. The vulnerability, tracked as CVE-2019-12735 can be exploited by tricking users into opening a specially crafted text file with Vim or Neovim editor. This could allow … Continue reading “Linux Vim and Neovim Modeline Arbitrary Command Execution Vulnerability”
Exim Remote Command Execution Vulnerability (CVE-2019-10149)
The Exim mail transfer agent (MTA) contains a vulnerability that can allow attackers to execute arbitrary commands reliably on a targeted system. This vulnerability was discovered by our own Qualys Security Research Team and has been named as “The Return of the WIZard” as a reference to a couple of similar command execution vulnerabilities in … Continue reading “Exim Remote Command Execution Vulnerability (CVE-2019-10149)”
