Resposta de Emergência

Remote Code Execution Vulnerability Alert of Unix CUPS Print Service (CVE-2024-47076 / CVE-2024-47175 / CVE-2024-47177)

setembro 29, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT monitored the disclosure of the details of remote code execution vulnerabilities for Unix CUPS printing service on the Internet. When the system enables cups-browsed process listening (default port 631) to receive UDP packets, unauthenticated attackers induce victims to configure by constructing a malicious IPP server. When using the printing service, they […]

Microsoft’s August Security Update on High-Risk Vulnerabilities in Multiple Products

agosto 15, 2024 | NSFOCUS

Overview On August 14, NSFOCUS CERT detected that Microsoft released a security update patch for August, which fixed 90 security issues involving widely used products such as Windows, Microsoft Office, Visual Studio and Azure, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, […]

JumpServer File Read and Upload Vulnerability (CVE-2024-40628/CVE-2024-40629) Notification

julho 19, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that JumpServer issued a security announcement and fixed the file reading and uploading vulnerabilities in JumpServer (CVE-2024-40628/CVE-2024-40629). Due to improper permission configuration of the Ansible module in JumpServer, an attacker with a low-privilege account can use the ansible playbook to read arbitrary files in the celery container, resulting in disclosure […]

Critical Patch Update Notice in July for All Series of Oracle Products

julho 19, 2024 | NSFOCUS

Overview On July 17, 2024, NSFOCUS CERT detected that Oracle officially released a critical patch update announcement CPU (Critical Patch Update) for July. A total of 397 vulnerabilities of varying degrees were fixed this time. This security update involves Oracle WebLogic Server, Oracle MySQL, Oracle Java SE, Oracle Fusion Middleware, Oracle Financial Services Applications, Oracle […]

GitLab Authentication Bypass Vulnerability (CVE-2024-6385) Notification

julho 12, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that GitLab issued a security announcement and fixed the identity bypass vulnerability (CVE-2024-6385) in GitLab Community Edition (CE) and Enterprise Edition (EE). Due to the incomplete fixing of CVE-2024-5655, if the target branch has been deleted, when the target Gitlab repository merges the Merge Request controllable by attackers, The Pipeline […]

Microsoft’s Security Update in July of High-Risk Vulnerabilities in Multiple Products

julho 12, 2024 | NSFOCUS

Overview On July 10, NSFOCUS CERT detected that Microsoft released a security update patch for July, which fixed 139 security issues involving Windows, Microsoft SQL Server, Microsoft Office, Azure and other widely used products, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, […]

Remote Code Execution Vulnerability between GeoServer and GeoTools (CVE-2024-36401/CVE-2024-36404) Notification

julho 3, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that GeoServer and GeoTools issued security announcements and fixed the XPath expression injection vulnerability in GeoServer and GeoTools (CVE-2024-36404). As the GeoTools library API called by GeoServer will pass the attribute name of element type to commons-jxpath library in an insecure manner, this library can execute arbitrary code when parsing […]

OpenSSH Remote Code Execution Vulnerability (CVE-2024-6387) Notification

julho 2, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that OpenSSH issued a security announcement and fixed the remote code execution vulnerability of OpenSSH (CVE-2024-6387). Due to a signal handler race condition issue in OpenSSH Server (sshd) under the default configuration, if the client does not authenticate within seconds of LoginGraceTime (120 seconds by default and 600 seconds in […]

Multiple High-risk Vulnerabilities (CVE-2024-37079/CVE-2024-37080/CVE-2024-37081) in VMware vCenter Server Notification

junho 20, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that VMware released a security announcement to fix the heap overflow vulnerability (CVE-2024-37079/CVE-2024-37080) and privilege escalation vulnerability (CVE-2024-37081) in VMware vCenter Server. At present, the official version has been fixed. Please take measures for protection. CVE-2024-37079/CVE-2024-37080: Because the vCenter Server has a heap overflow vulnerability when executing the DCERPC protocol, […]

Microsoft’s Security Update Notification in June of High-Risk Vulnerabilities in Multiple Products

junho 18, 2024 | NSFOCUS

Overview Recently, NSFOCUS CERT detected that Microsoft released a security update patch for June, which fixed 49 security issues involving widely used products such as Windows, Azure, Microsoft Office and Microsoft Visual Studio, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, there […]