PSEvents.exe within several Panda Security products runs hourly with SYSTEM privileges. When run, it checks a user writable folder for certain DLL files, and if any are found they are automatically run. Vulnerable products include Panda Global Protection 2016 versions 16.1.2 and below, Panda Antivirus Pro 2016 versions 16.1.2 and below, Panda Small Business Protection versions 16.1.2 and below, and Panda Internet Security 2016 versions 16.1.2 and below.
Monthly Archives: October 2016
TrendMicro InterScan Web Security Virtual Appliance Shellshock
TrendMicro InterScan Web Security Virtual Appliance remote code execution exploit that leverages the shellshock vulnerability to spawn a connect-back shell.
Puppet Enterprise Web Interface User Enumeration
Puppet Enterprise Web Interface versions prior to 2016.4.0 suffer from a user enumeration vulnerability.
Puppet Enterprise Web Interface Open Redirect
Puppet Enterprise Web Interface versions prior to 2016.4.0 suffer from an open redirection vulnerability.
FreePBX 10.13.66 Remote Command Execution / Privilege Escalation
FreePBX version 10.13.66 suffers from remote command execution and privilege escalation vulnerabilities.
Windows Linux Subsystem Arbitrary File / Direction Creation
The Linux subsystem on Windows suffers from a privilege escalation vulnerability that allows for arbitrary file and directory creation.
VBScan Vulnerability Scanner 0.1.7.1
VBScan is a black box vBulletin vulnerability scanner written in perl.
An Army of Million Hacked IoT Devices Almost Broke the Internet Today
A massive Distributed Denial of Service (DDoS) attack against Dyn, a major domain name system (DNS) provider, broke large portions of the Internet on Friday, causing a significant outage to a ton of websites and services, including Twitter, GitHub, PayPal, Amazon, Reddit, Netflix, and Spotify.
But how the attack happened? What’s the cause behind the attack?
Exact details of the attack remain
RHBA-2016:2096-1: tzdata bug fix update
Red Hat Enterprise Linux: Updated tzdata packages that add various enhancements are now available for Red
Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6
Long Life, Red Hat Enterprise Linux 5.9 Advanced Update Support, Red Hat
Enterprise Linux 5, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red
Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5
Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update
Support, Red Hat Enterprise Linux 6.6 Extended Update Support, Red Hat
Enterprise Linux 6.7 Extended Update Support, Red Hat Enterprise Linux 6, Red
Hat Enterprise Linux 7.1 Extended Update Support, Red Hat Enterprise Linux 7.1
Little Endian Extended Update Support, Red Hat Enterprise Linux 7.2 Extended
Update Support, and Red Hat Enterprise Linux 7.
USN-3108-1: Bind vulnerability
Ubuntu Security Notice USN-3108-1
21st October, 2016
bind9 vulnerability
A security issue affects these releases of Ubuntu and its
derivatives:
- Ubuntu 12.04 LTS
Summary
Bind could be made to crash if it received specially crafted network
traffic.
Software description
- bind9
– Internet Domain Name Server
Details
Toshifumi Sakaguchi discovered that Bind incorrectly handled certain
packets with malformed options. A remote attacker could possibly use this
issue to cause Bind to crash, resulting in a denial of service.
Update instructions
The problem can be corrected by updating your system to the following
package version:
- Ubuntu 12.04 LTS:
-
bind9
1:9.8.1.dfsg.P1-4ubuntu0.18
To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.