SSD Advisory – McAfee LiveSafe MiTM Registry Modification leading to Remote Command Execution

Credit to Author: SSD / Maor Schwartz| Date: Tue, 14 Nov 2017 12:11:39 +0000

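Vulnerability Summary The following advisory describes a remote command execution vulnerability found in McAfee LiveSafe (MLS), affecting all versions prior to 16.0.3. The vulnerability allows network attackers to tamper with the HTTP backend response and thereby modify the Windows registry values associated with the McAfee update. McAfee Security Scan Plus is a free diagnostic tool that ensures users are protected from threats by actively checking the computer for up-to-date antivirus, firewall and web security software, while also scanning for threats in running programs. Credit An independent security research company, Silent Signal, has reported this vulnerability to Beyond Security's SSD. Vendor response The vendor has released a patch for this vulnerability. For more information: https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102714 CVE: CVE-2017-3898 Vulnerability details Network attackers can achieve remote code execution in multiple McAfee products. Affected products retrieve configuration data over a plaintext HTTP channel from http://COUNTRY.mcafee.com/apps/msc/webupdates/mscconfig.asp (where "COUNTRY" is replaced by the two-letter country identifier, e.g. "uk"). The body of the response contains XML-formatted data, similar to the following code: The above response describes registry modifications made using reg tags under the webservice-response/update path. …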

SSD Advisory – Cisco UCS Platform Emulator Remote Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Wed, 01 Nov 2017 05:08:10 +0000

Vulnerabilities Summary The following advisory describes two remote code execution vulnerabilities found in Cisco UCS Platform Emulator version 3.1(2ePE1). Cisco UCS Platform Emulator is the Cisco UCS Manager application bundled into a virtual machine (VM). The VM includes software that emulates hardware communications for the Cisco Unified Computing System (Cisco UCS) hardware that is configured …

SSD Advisory – Ikraus Anti Virus Remote Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Mon, 16 Oct 2017 09:21:04 +0000

Vulnerability summary The following advisory describes a remote code execution found in Ikraus Anti Virus version 2.16.7. IKARUS anti.virus “secures your personal data and PC from all kinds of malware. Additionally, the Anti-SPAM module protects you from SPAM and malware from e-mails. Prevent intrusion and protect yourself against cyber-criminals by choosing IKARUS anti.virus, powered by …

SSD Advisory – McAfee LiveSafe MiTM Registry Modification leading to Remote Command Execution

Credit to Author: SSD / Maor Schwartz| Date: Thu, 07 Sep 2017 06:14:58 +0000

Vulnerabilities Summary The following advisory describes a Remote Code Execution found in McAfee LiveSafe (MLS) versions prior to 16.0.3. The vulnerability allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response. McAfee Security Scan Plus is a free diagnostic tool that ensures you are protected from …

SSD Advisory – ScrumWorks Pro Remote Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Tue, 22 Aug 2017 05:22:12 +0000

Vulnerability Summary The following advisory describes a remote code execution vulnerability found in ScrumWorks Pro version 6.7.0. “CollabNet ScrumWorks Pro is an Agile Project Management for Developers, Scrum Masters, and Business”. A trial version can be downloaded from the vendor: https://www.collab.net/products/scrumworks Credit A security researcher from Siberas has reported this vulnerability to Beyond Security’s SecuriTeam …

SSD Advisory – Chrome Turbofan Remote Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Wed, 16 Aug 2017 07:21:39 +0000

Vulnerability Summary The following advisory describes a type confusion vulnerability that leads to remote code execution found in Chrome browser version 59. Chrome browser is affected by a type confusion vulnerability. The vulnerability results from incorrect optimization by the turbofan compiler, which causes confusion between access to an object array and a value array, and …

SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Wed, 09 Aug 2017 10:50:38 +0000

Vulnerability Summary The following advisory describes a use after free vulnerability that leads to remote code execution found in Acrobat Reader DC version 2017.009.20044. Credit A security researcher from Siberas has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response The vendor has released patches to address this vulnerability. For more information: …

SSD Advisory – Adobe Reader DC – execMenuItem Off-by-One Heap Buffer Overflow

Credit to Author: SSD / Maor Schwartz| Date: Wed, 09 Aug 2017 10:47:48 +0000

Vulnerability Summary The following advisory describes a JavaScript execMenuItem off-by-one heap buffer overflow that can potentially lead to Remote Code Execution, found in Adobe Reader DC version 15.23.20056.213124. Credit An independent security researcher, Steven Seeley, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response The vendor has released patches to address …