Docker Arbitrary File Read/Write Access Vulnerability

A critical race condition vulnerability has been disclosed in Docker, tracked as CVE-2018-15664. The vulnerability affects all versions of Docker and resides in the FollowSymlinkInScope function, which is vulnerable to a time-of-check to time-of-use (TOCTOU) attack. Affected Versions: All Docker versions available till now. Vulnerability: From the bug, it appears …

Microsoft Remote Desktop Services (RDP) Remote Code Execution Vulnerability – CVE-2019-0708

Introduction: Microsoft has released fixes for a very high-risk vulnerability (CVE-2019-0708, aka BlueKeep) in this Patch Tuesday that impacts Windows XP, Windows 7, Server 2003, Server 2008, and Server 2008 R2. A critical remote code execution vulnerability exists in the Microsoft Windows systems running Remote Desktop Protocol (RDP). Upon successful exploitation an attacker can gain …

Oracle WebLogic Deserialization Remote Code Execution Vulnerability (CNVD-C-2019-48814/CVE-2019-2725)

Oracle WebLogic is an application server used for building and hosting Java-EE applications. A highly critical remote code execution vulnerability has been discovered in Oracle WebLogic application servers running the WLS9_ASYNC and WLS-WSAT components. The vulnerability was initially disclosed by the China National Vulnerability Database under the tracker number CNVD-C-2019-48814. Later the vulnerability is assigned to …

Microsoft Windows Win32k Privilege Escalation Vulnerability

Microsoft Windows is prone to a local privilege-escalation vulnerability. CVE-2019-0859 has been assigned to track this vulnerability. This privilege escalation vulnerability is being exploited in the wild. Vulnerability Details: The vulnerability exists when the Win32k component fails to properly handle objects in memory. An attacker can exploit this issue to execute arbitrary code in kernel mode, …

Microsoft Internet Explorer XML External Entity (XXE) Vulnerability – Zero Day

Overview: A security researcher has publicly disclosed the details of a zero-day vulnerability in Microsoft Internet Explorer 11. Internet Explorer is vulnerable to an XML External Entity attack if a user opens a specially crafted .MHT file. From techtarget.com, “MHT is a Web page archive file format. The archived Web page is an MHTML (short for …

ThinkPHP Remote Code Execution Vulnerability

Recently, ThinkPHP released an advisory for a high-risk remote code execution (RCE) vulnerability. The vulnerability exists because the ThinkPHP framework improperly checks controller names. This may lead to possible getshell vulnerabilities without the forced routing enabled. A proof of concept (PoC) exploiting this vulnerability was also published soon after the advisory. The proof-of-concept code exploits a …

Apache Solr Config API Remote Code Execution Vulnerability (CVE-2019-0192)

Apache has recently fixed a Java deserialization vulnerability in Apache Solr. Apache Solr has a Config API which allows configuring Solr’s JMX server via an HTTP POST request. It’s possible to set up a malicious RMI server, have Config API point to this malicious RMI server and trigger a remote code execution via Apache Solr’s unsafe …

Drupal Remote Code Execution Vulnerability (SA-CORE-2019-003)

Recently, Drupal released a patch for a critical remote code execution vulnerability (SA-CORE-2019-003), tracked as CVE-2019-6340. This vulnerability can be easily exploited by a remote attacker to execute arbitrary code on the targeted system when the RESTful Web Services module is enabled and the GET, POST, PATCH or POST method request is allowed. This isn’t …

Nexus Repository Manager 3 Remote Code Execution Vulnerability (CVE-2019-7238)

Sonatype released a patch earlier this month that fixes a Remote Code Execution (RCE) vulnerability in Nexus Repository Manager 3. The vulnerability exists because Nexus Repository Manager fails to implement access controls properly, which leads to a Remote Code Execution vulnerability. This vulnerability affects Nexus Repository Manager 3.6.2 OSS/Pro versions up to and including 3.14.0. Vulnerability Analysis: …

Snapd (Dirty Sock) Privilege Escalation Vulnerability

A privilege escalation vulnerability referred to as “Dirty Sock” has been identified in the default installations of Ubuntu Linux. The actual vulnerability is in the Snapd daemon (snapd REST API), which is included by default with all recent Ubuntu versions and probably other Linux distros. Dirty Sock is a local privilege escalation flaw that lets attackers …