Threat Alert

Linux Kernel Privilege Escalation Vulnerability (CVE-2021-33909) Threat Alert

August 13, 2021

Overview

Recently, NSFOCUS CERT discovered that the Qualys research team disclosed a local privilege escalation vulnerability (CVE-2021-33909, aka Sequoia) in the filesystem layer in the Linux kernel. It is a size_t-to-int type conversion vulnerability in the seq_file interface in the Linux kernel. fs/seq_file.c’s improper restriction of the seq buffer allocation may cause an integer overflow, […]

WebLogic Multiple High-Risk Vulnerabilities Threat Alert

August 10, 2021

Overview

On July 21, 2021, NSFOCUS detected that Oracle released the April 2021 Critical Patch Update (CPU), which fixed 342 vulnerabilities of varying risk levels. Among these vulnerabilities, three severe ones affecting WebLogic are easy to exploit. Users are advised to take measures without delay to protect against the preceding vulnerabilities. CVE-2021-2382/CVE-2021-2394/CVE-2021-2397: These vulnerabilities […]

LIVE NETWORKS LIVE555 Streaming Media RTSP Server Remote Code Execution Vulnerability (CVE-2018-4013) Threat Alert

October 26, 2018

Overview

Recently, the TALOS team disclosed a critical remote code execution vulnerability (CVE-2018-4013). This vulnerability exists in the HTTP packet parsing functionality of the LIVE555 RTSP server library. An attacker could exploit this vulnerability to cause a stack-based buffer overflow via a specially crafted packet, resulting in code execution. (more…)

Drupal Remote Code Execution Vulnerability Threat Alert

October 24, 2018

Overview

Recently, Drupal released an official security advisory to announce the fixes for multiple security issues, including two critical remote code execution vulnerabilities which affect Drupal 7 and 8.

The two critical vulnerabilities are described as follows: (more…)

libssh Server-Side Identity Authentication Bypass Vulnerability (CVE-2018-10933) Threat Alert

October 23, 2018

Overview

On October 16, local time, libssh officially released an update to fix the server-side identity authentication bypass vulnerability (CVE-2018-10933) existing in libssh 0.6 and later versions. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials. (more…)

WebLogic Remote Code Execution Vulnerability (CVE-2018-3191) Threat Alert

October 23, 2018

Overview

On October 17, Beijing time, Oracle officially released a Critical Patch Update (CPU), which contains a fix for the critical WebLogic remote code execution vulnerability (CVE-2018-3191). This vulnerability allows unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation of it can result in takeover of Oracle WebLogic Server, hence remote code execution.

(more…)

WebLogic Remote Code Execution Vulnerability (CVE-2018-3245) Threat Alert

October 22, 2018

Overview

On October 16, local time (early morning on October 17, Beijing time), Oracle officially released the October (third quarter) Critical Patch Update (CPU), which fixes a July (second quarter) CPU patch. The WebLogic remote code execution vulnerability (CVE-2018-2893) has not been fully fixed. The newly fixed vulnerability is assigned CVE-2018-3245. (more…)

Oracle October 2018 Critical Patch Update for All Product Families Threat Alert

October 22, 2018

Overview

On October 16, 2018, local time, Oracle released its quarterly security advisory of the Critical Patch Update (CPU) for the third quarter. The CPU fixes 301 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, see the appendix. (more…)
