NSFOCUS, Author at NSFOCUS - Página 230 de 273

Cybersecurity threat analysis workflow with software icons.

Cisco IOS/IOS XE Software Remote Code Execution Vulnerability (CVE-2018-0171)

Por NSFOCUSPostou 30 de março de 2018

Recently a serious vulnerability (CVE-2018-0171) was disclosed in Cisco IOS and IOS XE software. An attacker could reload an affected device without authorization, resulting in a denial of service condition or remote code execution. This vulnerability originated from improper validation of packet data. An attack could exploit this vulnerability by...

Drupal Code Execution Vulnerability Analysis

Por NSFOCUSPostou 30 de março de 2018

Recently, Drupal, a popular open-source content management framework, is found to contain a highly critical remote code execution vulnerability, which allows attackers to execute malicious code on a Drupal site, resulting in the site being completely compromised. This vulnerability is assigned CVE-2018-7600. The root cause of this vulnerability is related...

Assembly code snippet with highlighted line.

ThreatQ Leverages NSFOCUS to Categorize Threats and Pinpoint Valuable Connections

Por NSFOCUSPostou 22 de março de 2018

It is no surprise that everyone, including organizations, are vulnerable to a large amount of threats on a daily basis. In Q3 of 2016 alone, Panda Labs captured 18 million new malware samples; that is not including samples detected by other companies. Furthermore, in a study done by Friedrich-Alexander University...

ThreatQ Leverages NSFOCUS to Categorize Threats and Pinpoint Valuable Connections

Por NSFOCUSPostou 20 de março de 2018

Local Privilege Escalation Vulnerability in Latest Ubuntu Server

Por NSFOCUSPostou 19 de março de 2018

The latest Ubuntu Server has exposed a local privilege escalation vulnerability (CVE-2017-16995). This vulnerability has been fixed in earlier versions but has resurfaced in the latest version. Attackers can directly gain root privileges through this vulnerability. Currently Ubuntu has not released the patch yet. Affected version: Currently we know:...

A doctor measuring a patient's blood pressure with a sphygmomanometer.

Remote Code Execution Vulnerability in ManageEngine Applications Manager 13.5

Por NSFOCUSPostou 14 de março de 2018

Recently, researchers discovered a serious remote code execution (RCE) vulnerability (CVE-2018-7890) in ManageEngine Applications Manager. Vulnerabilities originate from the publicly accessible testCredential.do endpoint, which can result in remote code execution when validating user-supplied credentials. At present, no official version has been released to fix this vulnerability. Reference links: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7890 https://www.securityfocus.com/bid/103358 https://pentest.blog/advisory-manageengine-applications-manager-remote-code-execution-sqli-and/...