SecuriTeam Secure Disclosure – Page 2 – Computer Security Articles

Credit to Author: SSD / Ori Nimron| Date: Tue, 09 Oct 2018 08:55:15 +0000

Vulnerabilities Summary A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. Vendor Response “Security vulnerabilities … Continue reading SSD Advisory – Firefox Information Leak

Independent Securiteam

SSD Advisory – Cisco Prime Infrastructure File Inclusion and Remote Command Execution to Privileges Escalation

October 4, 2018 admin Local File Inclusion, Privilege Escalation, Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Ori Nimron| Date: Thu, 04 Oct 2018 05:12:22 +0000

Vulnerabilities Summary Cisco Prime Infrastructure (CPI) contains two vulnerabilities that when exploited allow an unauthenticated attacker to achieve root privileges and execute code remotely. The first vulnerability is a file upload vulnerability that allows the attacker to upload and execute JSP files as the Apache Tomcat user. The second vulnerability is a privilege escalation to … Continue reading SSD Advisory – Cisco Prime Infrastructure File Inclusion and Remote Command Execution to Privileges Escalation

Independent Securiteam

SSD Advisory – Android Printing Man in the Middle Attack

October 2, 2018 admin SecuriTeam Secure Disclosure

Credit to Author: SSD / Ori Nimron| Date: Tue, 02 Oct 2018 10:03:44 +0000

Vulnerabilities Summary Android 8.1 has introduced the new feature of a default printing service. This service, based on the very similar, freely available Mopria Alliance Print Service on the Google Play Store, suffers from a lack of validation which can lead to both man in the middle attacks and subsequent interception of print jobs, as … Continue reading SSD Advisory – Android Printing Man in the Middle Attack

Independent Securiteam

SSD Advisory – IRDA Linux Driver UAF

September 27, 2018 admin Privilege Escalation, SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Ori Nimron| Date: Thu, 27 Sep 2018 11:23:40 +0000

Vulnerabilities Summary The following advisory describes two vulnerabilities in the Linux Kernel. By combining these two vulnerabilities a privilege escalation can be achieved. The two vulnerabilities are quite old and have been around for at least 17 years, quite a few Long Term releases of Linux have them in their kernel. While the assessment of … Continue reading SSD Advisory – IRDA Linux Driver UAF

Independent Securiteam

SSD Advisory – ASUSTOR NAS Devices Authentication Bypass

September 20, 2018 admin SecuriTeam Secure Disclosure, Unauthorized Access

Credit to Author: SSD / Ori Nimron| Date: Thu, 20 Sep 2018 03:41:42 +0000

Vulnerabilities Summary An ASUSTOR NAS or network attached storage is “a computer appliance built from the ground up for storing and serving files. It attaches directly to a network, allowing those on the network to access and share files from a central location”. In the following advisory we will discuss a vulnerability found inside ASUSTOR … Continue reading SSD Advisory – ASUSTOR NAS Devices Authentication Bypass

Independent Securiteam

SSD Advisory – CloudByte ElastiStor OS Unauthenticated Remote Code Execution

August 23, 2018 admin Remote Code Execution, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Ori Nimron| Date: Thu, 23 Aug 2018 10:57:33 +0000

Vulnerabilities Summary The following advisory describes two vulnerabilities found in ElastiCenter, ElastiStor’s management console, File Injection that leads to unauthenticated remote code execution. ElastiCenter is the centralized management tool that you use to configure, monitor, manage, and deploy the services provided by CloudByte ElastiStor. ElastiCenter lets you: Use the Graphical User Interface to manage the … Continue reading SSD Advisory – CloudByte ElastiStor OS Unauthenticated Remote Code Execution

Independent Securiteam

SSD Advisory – VirtualBox VRDP Guest-to-Host Escape

August 20, 2018 admin Sandbox escape, SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Ori Nimron| Date: Mon, 20 Aug 2018 06:00:52 +0000

Vulnerability Summary VirtualBox has a built-in RDP server which provides access to a guest machine. While the RDP client sees the guest OS, the RDP server runs on the host OS. Therefore, to view the guest OS the RDP client will make a connection to the host OS IP address rather than the guest OS … Continue reading SSD Advisory – VirtualBox VRDP Guest-to-Host Escape

Independent Securiteam

SSD Advisory – Linux Kernel AF_PACKET Use After Free (packet_sock)

August 15, 2018 admin SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Ori Nimron| Date: Wed, 15 Aug 2018 05:26:28 +0000

Vulnerability Summary UAF vulnerability in Linux Kernel’s implementation of AF_PACKET leads to privilege escalation. AF_PACKET sockets allow users to send or receive packets on the device driver level, which lets them implement their own protocol on top of the physical layer or sniffing packets including Ethernet and higher levels protocol and higher levels of the … Continue reading SSD Advisory – Linux Kernel AF_PACKET Use After Free (packet_sock)