A critical vulnerability has been found in DHCP client (dhclient) packages in Red Hat Enterprise Linux 6 and 7. The flaw allows unauthenticated remote attackers to execute arbitrary Linux commands with root privileges. An attacker can set up a malicious DHCP server on the local network and spoof DHCP responses in order to exploit this flaw … Continue reading “DHCP Client Script Code Execution Vulnerability (CVE-2018-1111)”
Mishandling of Debug Exceptions Leading to Elevation of Privilege : CVE-2018-8897
An elevation of privilege attack was discovered in the stack change mechanism in Intel and AMD. On exploitation an attacker can execute user level code in kernel context or cause DoS. The vulnerability resulted due to misinterpretation of the documents describing the stack change process. CVE-2018-8897 has been assigned to track this vulnerability. The researchers … Continue reading “Mishandling of Debug Exceptions Leading to Elevation of Privilege : CVE-2018-8897”
GPON Home Routers Multiple Security Vulnerabilities
A couple of vulnerabilities affecting over one million GPON routers were disclosed recently. One of them was an Authentication Bypass vulnerability (CVE-2018-10561) and other one was a Command Injection vulnerability (CVE-2018-10562). An attacker can chain these vulnerabilities to execute arbitrary code on the targeted devices. A security researcher published his findings along with POC on … Continue reading “GPON Home Routers Multiple Security Vulnerabilities”
Internet Explorer VBScript Use-After-Free Vulnerability: CVE-2018-8174
A Zero-Day vulnerability in VBScript was disclosed to Microsoft. The vulnerability was discovered as an active attack in the wild. The bug is in the VBScript engine used in Windows. Its classified as a Use-After-Free (UAF) vulnerability. CVE-2017-8174 is assigned to track this bug. Currently attackers are exploiting this vulnerability to execute shellcode and PowerShell … Continue reading “Internet Explorer VBScript Use-After-Free Vulnerability: CVE-2018-8174”
Oracle WebLogic Deserialization Vulnerability : CVE-2018-2628
A deserialization vulnerability was discovered in Oracle WebLogic server’s core components. Upon successful exploitation an attacker can take control of the target server. The exploit targets the server by sending a custom serialized object using T3 protocol and achieves remote arbitrary code execution. T3 and T3S(T3 over TLS) protocol is used to exchange data between … Continue reading “Oracle WebLogic Deserialization Vulnerability : CVE-2018-2628”
Drupal Critical RCE Patch Release [CVE-2018-7602]
Drupal released a critical update to address CVE-2018-7602. Upon exploiting the bug an attacker can gain remote code execution that can compromise the site. The vulnerability affects Drupal 7.x and 8.x. The vulnerability was disclosed by Drupal’s in house team. A similar bug (CVE-2018-7600) was patched SA-CORE-2018-002. Both of these vulnerabilities are being exploited in the wild. … Continue reading “Drupal Critical RCE Patch Release [CVE-2018-7602]”
Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) Installation Manager Missing Access Control Vulnerability (DSA-2018-025)
EMC Avamar Virtual Edition is great for enterprise backup data protection for small and medium-sized offices. Avamar Virtual Edition is optimized for backup and recovery of virtual and physical servers, enterprise applications, remote offices, and desktops or laptops. Avamar Installation Manager is affected by a missing access control check vulnerability which could potentially allow a … Continue reading “Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) Installation Manager Missing Access Control Vulnerability (DSA-2018-025)”
Drupal Critical RCE Patch Release [CVE-2018-7600]
On 21 March 2018 Drupal released a statement that a major vulnerability was reported. They have rated this vulnerability as critical. As per their statement “exploits might be developed within hours or days”, Due to the severity of the issue Drupal is releasing patches for unsupported version as well. CVE-2018-7600 has been assigned to track this issue. Drupal security … Continue reading “Drupal Critical RCE Patch Release [CVE-2018-7600]”
HP Intelligent Management Center (iMC) RMI Registry Java Deserialization Remote Code Execution Vulnerability
HPE Intelligent Management Center Enterprise Software Platform is a comprehensive wired and wireless network management tool supporting the FCAPS model, provides for end-to-end business management of IT, scalability of system architecture, and accommodation of new technology and infrastructure. Vulnerability: A deserialization vulnerability has been reported in the HPE Intelligent Management Center (iMC). The vulnerability is … Continue reading “HP Intelligent Management Center (iMC) RMI Registry Java Deserialization Remote Code Execution Vulnerability”
Vulnerabilities in AMD Processors RYZEN and EPYC
Various vulnerabilities have been discovered in AMD’s Zen architecture based processors – Ryzen and EPYC. Ryzen processors are aimed towards workstations, laptops and mobiles and EPYC is geared towards servers. The vulnerabilities have been discovered by CTS-Labs, they claim that attackers can exploit these vulnerabilities to : Inject malicious code in to the chip itself. … Continue reading “Vulnerabilities in AMD Processors RYZEN and EPYC”
