An Internet scan of the IPv4 address space uncovered more than 100 critical facilities exposed to the public Internet, including hydropower plants in Germany and Italy.
Monthly Archives: July 2016
Ubuntu Linux Forum Hacked! Once Again
No software is immune to being Hacked! Not even Linux.
The Ubuntu online forums have been hacked, and data belonging to over 2 Million users have been compromised, Canonical just announced.
The compromised users’ data include their IP addresses, usernames, and email addresses, according to the company, who failed to apply a patch to secure its users’ data.
<!– adsense –>
However, users
Re: RCE by abusing NAC to gain Domain Persistence.
Posted by Kurt Buff on Jul 15
This seems more like an argument to not use DA accounts for NAC,
rather than a sure-fire method to undermine NAC.
I’ve not used NAC, but I’d have to guess that the machine wanting
access to the network has to announce itself by name, at least.
If that’s the case, how hard would it be to use the local
administrator account of the machine requesting admission? Assuming
that MSFT LAPS (or some similar system, such as the one from…
missing input validation in pmount: arbitrary mount as non-root
Posted by Imre RAD on Jul 15
Summary:
——–
pmount is a wrapper around the standard mount program which permits
normal users to mount removable devices without a matching /etc/fstab
entry.
Due to a missing input validation check local users could mount devices
to arbitrary destinations and thus taking over the targeted system
completely.
Prerequisites:
————–
Local user access to the target
Pmount 0.9.23 or older to be installed (any version at time of writing…
Re: RCE by abusing NAC to gain Domain Persistence.
Posted by Joey Maresca on Jul 15
Congratulations…2013 called and they want their attack back:
https://pen-testing.sans.org/blog/2013/04/25/smb-relay-demystified-and-ntlmv2-pwnage-with-python/
On Sat, Jul 9, 2016 at 7:45 AM, Alexander Korznikov <nopernik () gmail com>
wrote:
Blind SQL Injection PivotX <= v2.3.11
Posted by Manuel Garcia Cardenas on Jul 15
=============================================
MGC ALERT 2016-003
– Original release date: April 14, 2016
– Last revised: July 14, 2016
– Discovered by: Manuel García Cárdenas
– Severity: 7,1/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
————————-
Blind SQL Injection PivotX <= v2.3.11
II. BACKGROUND
————————-
PivotX is an open source blog software written in PHP using…
opensshd – user enumeration
Posted by Harari, Eddie on Jul 15
Sorry for the resend, I change the format of the email to better fit the list…
——————————————————————–
User Enumeration using Open SSHD (<=Latest version).
——————————————————————-
Abstract:
———–
By sending large passwords, a remote user can enumerate users on system that runs SSHD. This problem exists in most
modern configuration due to the…
x-originating-ip: [25.162.68.132]
Posted by bashis on Jul 15
Would be interesting to know why my ‘x-originating-ip’ is [25.162.68.132] while using Office 365 OWA…
Especially when it belongs to UK Ministry of Defence.
https://apps.db.ripe.net/search/query.html?searchtext=25.162.68.132#resultsAnchor
I hope that FD don’t filter and remove my ‘x-originating-ip’ now… otherwise i think you would be able to see it..
Snip from my own test e-mails to external mail address.
-…
CVE-2016-1426 (ios_xr)
Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819.
CVE-2016-1451 (meeting_server)
Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting Server (formerly Acano Conferencing Server) 1.7 through 1.9 allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva19922.