CVE-2016-5822

Huawei Oceanstor 5800 before V300R002C10SPC100 allows remote attackers to cause a denial of service (CPU consumption) via a large number of crafted HTTP packets.

Digital Ocean ssh key authentication security risk — password authentication is re-enabled

Posted by Daniel Elebash on Jan 27

Regarding digitalocean.com cloud computing.

PasswordAuthentication is reset to yes in /etc/ssh/sshd_config when using ssh key authentication given the following
scenario:

When creating a new droplet from a snapshot where ssh key authentication “PasswordAuthentication” in
/etc/ssh/sshd_config was previously set to no, “PasswordAuthentication” is reset to yes.

I am not sure how common this scenario is but for me I often…

Privilege Escalation in VirtualBox (CVE-2017-3316)

Posted by Wolfgang on Jan 27

Privilege Escalation in VirtualBox (CVE-2017-3316)

=== [ Overview ] ===

System affected: VirtualBox
Software-Version: prior to 5.0.32, prior to 5.1.14
User-Interaction: Required
Impact: A Man-In-The-Middle could infiltrate an
Extension-Pack-Update to gain a root-shell

=== [ Detailed description ] ===

In my research about update mechanism of open-source software I found
vulnerabilities in Oracle’s VirtualBox. It’s…

CVE-2016-10002

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.

CVE-2016-10003

Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients.

CVE-2016-1551

ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip address of a reference clock (127.127.1.1 for example) that reaches the receive() function will match that reference clock's peer record and will be treated as a trusted peer. Any system that lacks the typical martian packet filtering which would block these packets is in danger of having its time controlled by an attacker.