Securiteam – Page 4 – Computer Security Articles

Credit to Author: SSD / Ori Nimron| Date: Mon, 20 Aug 2018 06:00:52 +0000

Vulnerability Summary VirtualBox has a built-in RDP server which provides access to a guest machine. While the RDP client sees the guest OS, the RDP server runs on the host OS. Therefore, to view the guest OS the RDP client will make a connection to the host OS IP address rather than the guest OS … Continue reading SSD Advisory – VirtualBox VRDP Guest-to-Host Escape

Independent Securiteam

SSD Advisory – Linux Kernel AF_PACKET Use After Free (packet_sock)

August 15, 2018 admin SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Ori Nimron| Date: Wed, 15 Aug 2018 05:26:28 +0000

Vulnerability Summary UAF vulnerability in Linux Kernel’s implementation of AF_PACKET leads to privilege escalation. AF_PACKET sockets allow users to send or receive packets on the device driver level, which lets them implement their own protocol on top of the physical layer or sniffing packets including Ethernet and higher levels protocol and higher levels of the … Continue reading SSD Advisory – Linux Kernel AF_PACKET Use After Free (packet_sock)

Independent Securiteam

SSD Advisory – Infiniband Linux Driver UAF

August 2, 2018 admin SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Ori Nimron| Date: Thu, 02 Aug 2018 12:10:25 +0000

Vulnerability Summary A bug in the threads synchronization of Infiniband Driver can cause an Use After Free. A struct that is allocated and free’d by a thread, is accessible through a second thread. If the second thread is calling the function “idr_find” before the struct was free’d by the first thread, then he can still … Continue reading SSD Advisory – Infiniband Linux Driver UAF

Independent Securiteam

SSD Advisory – LINE Corporation URI Handlers Remote Commands Execution

July 29, 2018 admin DLL Hijacking, Remote Code Execution, SecuriTeam Secure Disclosure

Credit to Author: SSD / Ori Nimron| Date: Sun, 29 Jul 2018 05:10:59 +0000

Vulnerabilities Summary LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software. A user clicking on a specially crafted link, can use this vulnerability to cause the user to insecurely load an arbitrary DLL which can be used to cause arbitrary code execution. Vendor Response “We released version 5.8.0 … Continue reading SSD Advisory – LINE Corporation URI Handlers Remote Commands Execution

Independent Securiteam

SSD Advisory – phpMyAdmin File Inclusion and Remote Code Execution

July 2, 2018 admin Local File Inclusion, Remote Code Execution, SecuriTeam Secure Disclosure

Credit to Author: SSD / Ori Nimron| Date: Mon, 02 Jul 2018 12:19:53 +0000

Vulnerabilities Summary Authenticated users can exploit a file inclusion vulnerability in phpMyAdmin which can then be combined with another vulnerability, to perform Remote Code Execution. In addition, authnticated attackers can view files and execute PHP files that located on the server by exploiting a bug in the part of the code that is responsible for … Continue reading SSD Advisory – phpMyAdmin File Inclusion and Remote Code Execution

Independent Securiteam

Hack2Win eXtreme Warm Up

July 2, 2018 admin Hack2Win, SecuriTeam Secure Disclosure

Credit to Author: SSD / Noam Rathaus| Date: Mon, 02 Jul 2018 10:55:25 +0000

In our upcoming Hack2Win eXtreme event in Hong Kong we will be asking contest participants to come and try their skills breaking into devices and software, showing their abilities in finding vulnerabilities in iOS and Android, as well as in Chrome and Firefox. In preparation for the event, we are launching a “warm up” event … Continue reading Hack2Win eXtreme Warm Up

Independent Securiteam

beVX Conference Challenge – HiTB

June 22, 2018 admin Conferences

Credit to Author: SSD / Noam Rathaus| Date: Fri, 22 Jun 2018 11:30:44 +0000

During the event of Hack In the Box, we launched an ARM reverse engineering and exploitation challenge and gave the attendees the change to win great prizes. The challenge was divided into two parts, a file – can be downloaded from here: https://www.beyondsecurity.com/bevxcon/bevx-challenge-10 – that you had to download and reverse engineer and server that … Continue reading beVX Conference Challenge – HiTB

Independent Securiteam

SSD Advisory – QRadar Remote Command Execution

May 28, 2018 admin Remote Command Execution, SecuriTeam Secure Disclosure, Unauthenticated Action

Credit to Author: SSD / Noam Rathaus| Date: Mon, 28 May 2018 10:53:15 +0000

Vulnerability Summary Multiple vulnerabilities in QRadar allow a remote unauthenticated attackers to cause the product to execute arbitrary commands. Each vulnerability on its own is not as strong as their chaining – which allows a user to change from unauthenticated to authenticated access, to running commands, and finally running these commands with root privileges. Vendor … Continue reading SSD Advisory – QRadar Remote Command Execution