Monthly Archives: October 2016
Google Plugs 21 Security Holes in Chrome
Bug hunters earned $30,000 in rewards for reporting 21 security flaws that were fixed in Chrome 54.
InsOnSrv Asus InstantOn 2.3.1.1 Privilege Escalation
InsOnSrv Asus InstantOn version 2.3.1.1 suffers from an unquoted service path privilege escalation vulnerability.
Facebook Bug Bounty Program Pays Out $5 Million in Five Years
Facebook announced this week that its paid out more than $5 million to 900 researchers in the five years since it implemented its bug bounty program.
Cisco Patches Critical Bug In Video Conferencing Server Hardware
A vulnerability in Cisco’s meeting server software allows a remote attacker to masquerade as legit user.
CVE-2016-3635 (netweaver)
SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366.
CVE-2016-3638
SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623.
CVE-2016-3946
SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461.
CVE-2016-4407
The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka SAP Security Note 2223008.
CVE-2016-5425
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.