Remote Command Execution – Page 5 – Computer Security Articles

Credit to Author: SSD / Maor Schwartz| Date: Sun, 30 Jul 2017 06:47:06 +0000

Vulnerability Summary The following advisory describes a Remote Code Execution found in McAfee Security Scan Plus. An active network attacker could launch a man-in-the-middle attack on a plaintext-HTTP response to a client to run any residing executables with privileges of a logged in user. McAfee Security Scan Plus is a free diagnostic tool that ensures … Continue reading SSD Advisory – McAfee Security Scan Plus Remote Command Execution

Independent Securiteam

SSD Advisory – Nitro Pro PDF Multiple Vulnerabilities

July 24, 2017 admin Directory Traversal, Remote Command Execution, SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Maor Schwartz| Date: Mon, 24 Jul 2017 05:25:58 +0000

Vulnerabilities Summary The following advisory describes three vulnerabilities found in Nitro / Nitro Pro PDF. Nitro Pro is the PDF reader and editor that does everything you will ever need to do with PDF files. The powerful but snappy editor lets you change PDF documents with ease, and comes with a built-in OCR engine that … Continue reading SSD Advisory – Nitro Pro PDF Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

May 30, 2017 admin External Entity (XXE), File Disclosure, Privilege Escalation, Remote Command Execution, SecuriTeam Secure Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Thu, 25 May 2017 11:52:44 +0000

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.” The vulnerabilities found in Trend Micro … Continue reading SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – Trend Micro Deep Security Multiple Vulnerabilities

May 29, 2017 admin External Entity (XXE), File Disclosure, Privilege Escalation, Remote Command Execution, SecuriTeam Secure Disclosure

Credit to Author: SSD / Maor Schwartz| Date: Thu, 25 May 2017 11:52:44 +0000

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities found in Trend Micro Deep Security version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads. It features Trend Micro Deep Security, the market … Continue reading SSD Advisory – Trend Micro Deep Security Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE

May 25, 2017 admin Cross Site Scripting, Remote Command Execution, SecuriTeam Secure Disclosure

Credit to Author: SSD / Noam Rathaus| Date: Thu, 25 May 2017 06:01:41 +0000

KEMP’s main product, the LoadMaster, is a load balancer built on its own proprietary software platform called LMOS, that enables it to run on almost any platform: As a KEMP LoadMaster appliance, a Virtual LoadMaster (VLM) deployed on Hyper-V, VMWare, on bare metal or in the public cloud. KEMP is available in Azure, where it … Continue reading SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE

Independent Securiteam

SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

April 19, 2017 admin Buffer Overflow, Remote Code Execution, Remote Command Execution, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Wed, 19 Apr 2017 13:52:33 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in Linksys EA, XAC and AC series devices. The vulnerabilities has been found in the way the Linksys devices (EA, XAC and AC series) handle the Point-to-point protocol over Ethernet (PPPoE) Discovery (PPPoED) process allowing an unprivileged active attacker on the same network segment (layer2) … Continue reading SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

Independent Securiteam

SSD Advisory – AlienVault OSSIM / USM Remote Command Execution

April 3, 2017 admin Remote Command Execution, SecuriTeam Secure Disclosure

Credit to Author: Maor Schwartz| Date: Mon, 03 Apr 2017 07:29:37 +0000

Vulnerability Summary The following advisory describes a Remote Command Execution vulnerability found in AlientVault OSSIM and USM version 5.3.4 and version 5.3.5. OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the … Continue reading SSD Advisory – AlienVault OSSIM / USM Remote Command Execution