Code Execution Vulnerability in Red Hat DHCP Client Script
May 16, 2018
Red Hat released a security advisory on May 15 for fixing a critical vulnerability (CVE-2018-1111)in the DHCP Client. An attacker on local network could use a malicious DHCP server or a spoofed DHCP response to execute arbitrary command with root privileges on systems using NetworkManager which is configured to obtain network configuration using the […]
Adobe Fixed Nearly 50 Vulnerabilities in Acrobat and Reader
May 16, 2018
Adobe released updates on Monday for 47 vulnerabilities in its Acrobat and reader, including critical ones that allow information leakage and arbitrary code execution. Category Impact Severity CVE# Double Free Arbitrary Code Execution Critical CVE-2018-4990 Heap Overflow Arbitrary Code Execution Critical CVE-2018-4947, CVE-2018-4948, CVE-2018-4966, CVE-2018-4968, CVE-2018-4978, CVE-2018-4982, CVE-2018-4984 Use-after-free Arbitrary Code Execution Critical CVE-2018-4946, CVE-2018-4952, CVE-2018-4954, CVE-2018-4958, CVE-2018-4959, […]
Multiple Vulnerabilities Found in Spring
May 10, 2018
Spring released security advisories on May 9 local time for fixing its multiple vulnerabilities, including a critical remote code execution vulnerability. Reference link: https://pivotal.io/security Vulnerability Description CVE-2018-1257 (High) Parts of Spring Framework versions allow application programs to use Spring message module to make public STOMP on WebSocket endpoint through simple memory STOMP broker. An attacker could […]
Drupal Remote Code Execution Vulnerability
April 30, 2018
Drupal released a security advisory on April 25 local time, saying a critical vulnerability (CVE-2018-7602) affected Drupal 7.x and 8.x. Attackers could exploit this vulnerability in many ways for remote code execution. Drupal says it correlates with the previous vulnerability CVE-2018-7600 and has been found exploited by attackers. NSFOCUS Threat Intelligence (NTI) Center shows […]
Oracle WebLogic Server RCE Deserialization Vulnerability Analysis
April 20, 2018
On April 17th local time, Oracle released the critical patch update (CPU) advisory, which contains a fix for the high-risk WebLogic server deserialization vulnerability (CVE-2018-2628), via which attackers can remotely execute arbitrary code in an unauthorized manner. Reference link: http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html Affected Versions WebLogic 10.3.6.0 WebLogic 12.1.3.0 WebLogic 12.2.1.2 WebLogic 12.2.1.3 According to data on the […]
Oracle WebLogic Server RCE Deserialization Vulnerability
April 18, 2018
On 17 April, the local time in California, Oracle released its Critical Patch Update(CPU) Advisory in which a critical WebLogic deserialization vulnerability (CVE-2018-2628) allowing remote code execution without authorization was disclosed. This vulnerability was first discovered by an NSFOCUS researcher, who reported it to Oracle immediately. More information about this vulnerability together with NSFOCUS’s technical […]
Drupal Code Execution Vulnerability Analysis
March 30, 2018
Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which allows attackers to execute malicious code on a Drupal site, resulting in the site being completely compromised. This vulnerability is assigned CVE-2018-7600. The root cause of this vulnerability is related with Drupal’s rendering of forms: […]
ThreatQ Leverages NSFOCUS to Categorize Threats and Pinpoint Valuable Connections
March 22, 2018
It is no surprise that everyone, including organizations, are vulnerable to a large amount of threats on a daily basis. In Q3 of 2016 alone, Panda Labs captured 18 million new malware samples; that is not including samples detected by other companies. Furthermore, in a study done by Friedrich-Alexander University (FAU), 78% of participants stated […]
Local Privilege Escalation Vulnerability in Latest Ubuntu Server
March 19, 2018
The latest Ubuntu Server has exposed a local privilege escalation vulnerability (CVE-2017-16995). This vulnerability has been fixed in earlier versions but has resurfaced in the latest version. Attackers can directly gain root privileges through this vulnerability. Currently Ubuntu has not released the patch yet. Affected version: Currently we know: Ubuntu 16.04.4 (the latest version) […]