SecuriTeam Secure Disclosure

Vulnerabilities Summary The following advisory describes an SQL Injection in dotCMS 3.6.0 H2 Database that allows attackers to Remote Code Execution. Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response We contacted the vendor back in December 2016 and they responded with: “H2 is not a … Continue reading SSD Advisory – dotCMS H2 Database Remote Code Execution →

On our last blog post “Know your community” we interviewed Orange Tsai from Taiwan. Today we had the honor to interview Eva Tanaskoska! Introduction Eva is 23 years old, just finished her Bachelor studies in Network Technologies and in the near future will move to the Netherlands to work in the information security industry. Questions … Continue reading Know your community – Eva Tanaskoska →

Vulnerabilities Summary The following advisory describes three (3) vulnerabilities in Icewarp, AfterLogic and MailEnable Webmails. The three vulnerabilities found are: Afterlogic Webmail code injection Icewarp Webmail code injection MailEnable Webmail code injection Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor Responses AfterLogic AfterLogic has released patch … Continue reading SSD Advisory – Icewarp, AfterLogic and MailEnable Code Injection →

Vulnerabilities Summary Cisco Mobile Services Engine (MSE) is a platform that helps organizations increase visibility into the network, customize location-based mobile services, and strengthen security. The following advisory describes Cisco MSE Pre-Authentication Code Execution (Cisco MSE version 8.0.100.0). Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor … Continue reading SSD Advisory – Cisco MSE Preauthentication Remote Code Execution →

Vulnerabilities Summary The following advisory describes four (4) vulnerabilities in DropBear. DropBear is a SSH server and client. It runs on a variety of POSIX-based platforms. DropBear is open source software, distributed under a MIT-style license. DropBear is particularly useful for “embedded”-type Linux (or other Unix) systems, such as wireless routers. The four vulnerabilities found … Continue reading SSD Advisory – DropBear Multiple Vulnerabilities →

Vulnerability Summary The following advisory describes Heap overflow vulnerability that can lead to remote code execution in Pervasive SQL server (Version 12.01.031.000). Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vulnerability Details Heap overflow vulnerability This vulnerability allows an attacker to overflow a heap buffer after Server-Client … Continue reading SSD Advisory – Pervasive SQL Heap Overflow →

Vulnerability Description BusyBox provides an arp applet which is missing an array bounds check for command-line parameter IFNAME. It is therefore vulnerable to a command-line based local stack buffer overwrite effectively allowing local users to write past a 16 bytes fixed stack buffer. This leads to two scenarios, one (A) where an IOCTL for GET_HW_ADDRESS … Continue reading SSD Advisory – BusyBox (local) cmdline stack buffer overwrite →

Happy new year everyone! One of our new year’s resolution is to promote the security community in different ways – sponsoring security conferences, publish new vulnerabilities and to write blog posts about leading security researchers that work and strengthen their local community. One of the best things of being part of the cyber security community … Continue reading Know your community – Orange Tsai →