The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
Monthly Archives: April 2015
CVE-2015-2838 (netscaler)
Cross-site request forgery (CSRF) vulnerability in Nitro API in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary commands as nsroot via shell metacharacters in the file_name JSON member in params/xen_hotfix/0 to nitro/v1/config/xen_hotfix.
CVE-2015-2839 (netscaler)
The Nitro API in Citrix NetScaler before 10.5 build 52.3nc uses an incorrect Content-Type when returning an error message, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the file_name JSON member in params/xen_hotfix/0 to nitro/v1/config/xen_hotfix.
CVE-2015-2840 (netscaler)
Cross-site scripting (XSS) vulnerability in help/rt/large_search.html in Citrix NetScaler before 10.5 build 52.3nc allows remote attackers to inject arbitrary web script or HTML via the searchQuery parameter.
CVE-2015-2841 (netscaler)
Citrix NetScaler AppFirewall, as used in NetScaler 10.5, allows remote attackers to bypass intended firewall restrictions via a crafted Content-Type header, as demonstrated by the application/octet-stream and text/xml Content-Types.
Kemp Load Master 7.1-16 CSRF / XSS / DoS / Code Execution
Kemp Load Master version 7.1-16 suffers from code execution, cross-site request forgery, cross-site scripting, and denial of service vulnerabilities.
Dyre Banking Malware A Million-Dollar Threat
IBM warns banks and corporate officers of a change to the dangerous Dyre banking Trojan that involves the phone scam used to bypass fraud detection, and a DDoS attack that distracts security teams away from big-money transfers.
A security breach has been detected in WordPress SEO by Yoast plugin!

Search engine optimization, the well-known SEO, is what lets Google show our webpage ahead of hundreds of millions of other sites. That is the reason editors of corporate and personal blogs worry so much about visibility.
If you use WordPress, you have probably installed “WordPress SEO by Yoast”, the best-known plugin for this task, with over 14 million downloads. An essential tool for any blogger, it helps display the post’s keywords, headline and intro, making them easier for the search engine and the robots that index sites to read.
If you have it too, you should know that some vulnerabilities have recently been discovered in it which could be exploited by an attacker to get into your blog. If you are thinking right now about uninstalling it or changing your passwords because you cannot think of anything else to do, don’t worry: the problem has already been solved. Of course, you will have to download an update soon!
Security expert Ryan Dewhurst warned about the issue a few days ago. He works on WPScan, an open source security tool that allows security professionals and web administrators to evaluate the vulnerabilities of WordPress installations.
Dewhurst found that an attacker could break the database’s security and obtain confidential information through a SQL injection attack in version 1.7.4 (version 1.5.3 for those who paid for the premium subscription). In addition, all previous versions were also vulnerable.

The security gap, in the simplest terms, would allow querying the blog’s database, which would compromise the stored information (authors’ and subscribers’ usernames and passwords, for example). The vulnerability could even be used to infect the site’s visitors with malware.
The plugin’s security experts resolved the issue within 90 minutes of learning about it. They patched the vulnerability and offer an update, version 1.7.4, which closes this security gap and can be downloaded manually from their website.
The people in charge of “WordPress SEO by Yoast” thanked Dewhurst for publishing his findings and asked users to download this update as soon as possible in order to keep themselves safe.
In addition, there is a much more convenient way to keep everything updated without having to stay on the lookout. If you have WordPress version 3.7 or higher installed, you can tell your plugins to install updates automatically so you don’t have to worry about them. You can do it by using the “Advanced Automatic Updates” option.
The post A security breach has been detected in WordPress SEO by Yoast plugin! appeared first on MediaCenter Panda Security.
Threatpost News Wrap, April 2, 2015
Dennis Fisher and Mike Mimoso talk about Google’s decision to drop Chinese CA CNNIC from Chrome’s trust store, the scope of the malvertising threat and Verizon’s super cookie use.