Overview On October 11, NSFOCUS CERT monitored that Microsoft had released a security update patch for October, fixing 104 security problems, involving Microsoft WordPad, Skype for Business, Windows Layer 2 Tunneling Protocol, Microsoft Message Queuing and other widely used products, including high-risk vulnerability types such as privilege enhancement, remote code...
Categoria: Blog
curl SOCKS5 Heap Overflow Vulnerability (CVC-2023-38545) Notification
Overview Recently, NSFOCUS monitored curl's official security announcement, which fixed the SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545) and cookie injection vulnerability (CVE-2023-38546). The details of the vulnerability have been made public. Affected users should upgrade curl as soon as possible. SOCKS5 Heap Buffer Overflow Vulnerability (CVS 2023-38545) When curl is...
Exim Remote Code Execution Vulnerability (CVS 2023-42115) Notification
Overview Recently, NSFOCUS CERT detected an Exim remote code execution vulnerability (CVE-2023-42115). When external authentication is enabled, due to improper user input verification, an unauthenticated attacker can remotely exploit this vulnerability by writing data beyond the bounds, ultimately executing arbitrary code on the target server. At present, the details of...
NSFOCUS Receives CNVD Outstanding Contribution Award for Original Vulnerability Submission
The CNVD (China National Vulnerability Database) platform recently initiated the 2022 annual technical group support unit's capability assessment. A comprehensive assessment was conducted across six capability domains, including vulnerability collection, vulnerability discovery, big data analysis of vulnerability threat risks, vulnerability technical analysis, major vulnerability incident response, and collaborative teamwork. NSFOCUS...
Mirai Botnet’s New Wave: hailBot,kiraiBot, catDDoS, and Their Fierce Onslaught
I. Abstract In September 2023, NSFOCUS global threat hunting system monitored several new botnet variant families developed based on Mirai, among which hailBot, kiraiBot and catDDoS are the most active, are accelerating their spread, and are widely deployed, which has constituted a considerable threat. Through this article, we will disclose...
Google Chrome Heap Buffer Overflow Vulnerability (CVE-2023-5217) Notification
Overview Recently, NSFOCUS CERT found that Google officially fixed a zero-day exploit (CVE-2023-5217), which was caused by the heap buffer overflow in the VP8 encoding of the open source libvpx video codec library. An attacker could use this vulnerability to execute arbitrary code on the target system. At present, this...
