PAN-OS Remote Root Code Execution : CVE-2017-15944

A remote code execution vulnerability has been discovered in PAN-OS. The vulnerability has been assigned CVE-2017-15944. By exploiting this vulnerability an attacker can achieve arbitrary code execution in root context. The target is the web-based management interface provided by the device for configuration and maintenance. The vulnerable versions are PAN-OS before 6.1.19, 7.0.x before 7.0.19, …

Microsoft Office Memory Corruption Vulnerability : CVE-2017-11882

In the month of August a buffer overflow vulnerability was discovered in the “Microsoft Equation Editor”; the vulnerability has been assigned CVE-2017-11882. As the name suggests, the component is used for inserting and editing equations in MS Office documents. The component in question was compiled without SafeSEH, NX/DEP, ASLR or CFG, all of which protect the machine from a wide …

Return Of Bleichenbacher Oracle Threat [ROBOT]

ROBOT (Return Of Bleichenbacher Oracle Threat) is an attack model based on Daniel Bleichenbacher’s chosen-ciphertext attack. Bleichenbacher discovered an adaptive chosen-ciphertext attack against protocols using RSA, with which he demonstrated the ability to perform RSA private-key operations. Researchers have been able to exploit the same vulnerability with small variations on the Bleichenbacher attack. Attack Model: PKCS #1 v1.5 …

[Zero Day] Memory Leak and Buffer Overflow Vulnerability in GNU C Library Dynamic Loader

Qualys Vulnerability and Malware Research Labs has uncovered vulnerabilities in the Linux operating system, specifically in glibc’s dynamic loader, ld.so. CVE-2017-1000408 is a memory leak vulnerability and CVE-2017-1000409 is a buffer overflow vulnerability, which is not exploitable if /proc/sys/fs/protected_hardlinks is enabled on the machine. The targets are not vulnerable to either of these vulnerabilities if …

Huge Dirty CoW Vulnerability : CVE-2017-1000405

Researchers have found that the patch for the original Dirty CoW is incomplete and does not address a condition where a read-only privileged page is marked dirty. The vulnerability has been assigned CVE-2017-1000405. Similar to Dirty CoW, the bug allows an unprivileged authenticated local user to gain write access to read-only memory mappings. By …

Apple macOS High Sierra ‘root’ Access With No Password

A critical security flaw in macOS High Sierra, aka macOS 10.13, allows users to gain admin rights, or log in as root, without a password. The consequences could be serious. Anyone with physical access to the system can log in to your user account, unlock your keychain and reveal your passwords, turn off FileVault, OS …

Intel Firmware Remote Code Execution Vulnerabilities

Several vulnerabilities were discovered in Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE). The vulnerabilities were discovered as a result of an in-house security review of the products in question and input from external researchers. The vulnerabilities are mostly buffer overflows leading to arbitrary code execution and privilege …

Oracle Releases Patches for JOLTANDBLEED Vulnerabilities

Introduction: Oracle pushed out an emergency update for vulnerabilities dubbed ‘JoltandBleed’ affecting five of its products that rely on its proprietary Jolt protocol. Two of the vulnerabilities discovered (CVE-2017-10272 and CVE-2017-10269) are severe, and attackers can exploit them without valid credentials. This allows an attacker to gain full access to all data …

D-Link Network Camera DCS-936L Weak CSRF Protection Vulnerability

A few months ago, while working with D-Link on another issue, I was provided with a D-Link network camera, the DCS-936L. According to D-Link this is a current and most popular product. This device was shipped with the latest firmware, version 1.02.01, which had CSRF protection. My goal was to check if this CSRF protection could be …

Dell Active Roles Unquoted Service Path Vulnerability

Dell Active Roles (now Quest Active Roles) Server gives Active Directory administrators all the tools necessary to securely and efficiently manage Active Directory, overcoming the native shortcomings of AD and automating the most common AD administration tasks. Dell Active Roles uses a search path that contains an unquoted element, in which the element contains white …