Overview: This January Patch Tuesday, Microsoft released patches related to Windows Remote Desktop Gateway (RD Gateway) that address the CVE-2020-0610 and CVE-2020-0609. Microsoft Remote Desktop Gateway (RDG), previously known as Terminal Services Gateway, allows users on public networks to access Windows desktops and applications hosted in cloud environment. The RD Gateway component uses Secure Sockets … Continue reading “Microsoft Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerabilities”
Ricoh Printer Drivers for Windows Local Privilege Escalation Vulnerability (CVE-2019-19363)
Summary: A local privilege escalation vulnerability was observed in Ricoh printer drivers for Windowsdue to insecure file permissions. This was assigned under CVE-2019-19363. Description: Any local user is able to overwrite program library files (DLLs) with own code as file permissions of file system entries are improperly set while a printer is added to the … Continue reading “Ricoh Printer Drivers for Windows Local Privilege Escalation Vulnerability (CVE-2019-19363)”
Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)
Summary: Recent Internet Explorer has been observed with zero-day remote code execution vulnerability attacks. To address Microsoft’s Internet Explorer (IE) web browser RCE vulnerability CVE-2020-0674 Microsoft published an advisory ADV200001. Description: jscript.dll is the vulnerable component for IE 11, and moderate for IE 9 and IE 10. Memory corruption at ease by an attacker leads … Continue reading “Internet Explorer Zero-day Remote Code Execution Vulnerability (CVE-2020-0674)”
Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)
Today, Microsoft released patch for CVE-2020-0601, a vulnerability in windows “crypt32.dll” component that could allow attackers to perform spoofing attacks. This was discovered and reported by National Security Agency (NSA) Researchers. The vulnerability affects Windows 10 and Windows Server 2016/2019 systems. This is a serious vulnerability and patches should be applied immediately. An attacker could … Continue reading “Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)”
Ajenti server exposed by RCE bug
Hi again, Today we are going to exploit Ajenti servers xD…. which are already exposed by RCE vulnerability. For starters, let me give you Google wiki introduction of Ajenti server, Ajenti is an open-source, web-based control panel that can be used for a large variety of server management tasks. On 13th October,19 a command injection … Continue reading “Ajenti server exposed by RCE bug”
Citrix Application Delivery Controller (ADC) and Gateway Remote Code Execution Vulnerability
Recently, Citrix has announced a critical vulnerability in the Citrix Application Delivery Controller (ADC) and Citrix Gateway products. The vulnerability, tracked as CVE-2019-19781, allows an unauthenticated remote attacker to run arbitrary code on the appliances. At this moment, few details regarding the vulnerability have been released. Affected products: Citrix ADC and Citrix Gateway version 13.0 … Continue reading “Citrix Application Delivery Controller (ADC) and Gateway Remote Code Execution Vulnerability”
Microsoft Visual Studio 2008 Express IDE XML Injection Vulnerability (Zero Day)
Summary: Recently, a security researcher disclosed a XML External Entity Injection Zero Day in Microsoft Visual Studio 2008 Express IDE. It can allow remote attackers to grap files from the victims computer, sending them to the remote attackers server. Affected Product:Visual Studio 2008 Express IDE Security Issue:Visual Studio 2008 IDE vulnerable to XML External Entity … Continue reading “Microsoft Visual Studio 2008 Express IDE XML Injection Vulnerability (Zero Day)”
OpenBSD Local Privilege Escalation Vulnerability CVE-2019-19726
Summary: Qualys researchers discovered a local privilege escalation vulnerability in OpenBSD’s dynamic loader (ld.so): this vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges to attackers who has a low privilege on the system. Vulnerability: In OpenBSD with a low memory conditions, “_dl_split_path” function … Continue reading “OpenBSD Local Privilege Escalation Vulnerability CVE-2019-19726”
RCE vulnerability impacts Nostromo Web Server!
HOLA! I don’t think Professor Dumbledore destroyed the Resurrection Stone ツ It seems Nostromo possessed the stone all this time. Oh yes, I’m serious. If not, then how can you explain the return of this RCE Vulnerability!? Let’s have a look. In 2011, Nostromo web servers were affected by a directory traversal vulnerability leading to … Continue reading “RCE vulnerability impacts Nostromo Web Server!”
Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)
Summary: Apache Tomcat has a vulnerability in the CGI Servlet which can be exploited to achieve remote code execution (RCE). Only Windows is exploitable while running in a non-default configuration in conjunction with batch files. Description: conf/context.xml as well conf/web.xml enables CGI in tomcat. Common Gateway Interface (CGI) is a standard protocol allows passing of … Continue reading “Apache Tomcat on Windows CGI Servlet Remote Code Execution Vulnerability (CVE-2019-0232)”