βΌ CVE-2021-1561 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. This vulnerability exists because access to the spam quarantine feature is not properly restricted. An attacker could exploit this vulnerability by sending malicious requests to an affected system. A successful exploit could allow the attacker to modify another user's spam quarantine settings, possibly disabling security controls or viewing email messages stored on the spam quarantine interfaces.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34715 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability is due to insufficient validation of the content of upgrade packages. An attacker could exploit this vulnerability by uploading a malicious archive to the Upgrade page of the administrative web interface. A successful exploit could allow the attacker to execute code with user-level privileges (the _nobody account) on the underlying operating system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34734 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for the Cisco Video Surveillance 7000 Series IP Cameras firmware could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of memory resources, referred to as a double free. An attacker could exploit this vulnerability by sending crafted LLDP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).π Read
via "National Vulnerability Database".
βΌ CVE-2021-34716 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrect handling of certain crafted software images that are uploaded to the affected device. An attacker could exploit this vulnerability by authenticating to the system as an administrative user and then uploading specific crafted software images to the affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.π Read
via "National Vulnerability Database".
βΌ CVE-2020-22345 βΌ
π Read
via "National Vulnerability Database".
/graphStatus/displayServiceStatus.php in Centreon 19.10.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the RRDdatabase_path parameter.π Read
via "National Vulnerability Database".
β S3 Ep46: Copyright scams, video snooping and Grand Theft Crypto [Podcast] β
π Read
via "Naked Security".
Lastest episode - listen, laugh and learn! This week, Chester Wisniewski joins us on the show.π Read
via "Naked Security".
Naked Security
S3 Ep46: Copyright scams, video snooping and Grand Theft Crypto [Podcast]
Lastest episode β listen, laugh and learn! This week, Chester Wisniewski joins us on the show.
βΌ CVE-2021-31228 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests (without sniffing the specific request). Data is predictable because it is based on the time of day, and has too few bits.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31227 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length, which bypasses the size checks and results in a large heap overflow in the wbs_multidata buffer copy.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31226 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to lack of size validation. This vulnerability requires the attacker to send a crafted HTTP POST request with a URI longer than 50 bytes. This leads to a heap overflow in wbs_post() via an strcpy() call.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31400 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in tcp_pulloutofband() in tcp_in.c in HCC embedded InterNiche 4.0.1. The TCP out-of-band urgent-data processing function invokes a panic function if the pointer to the end of the out-of-band data points outside of the TCP segment's data. If the panic function hadn't a trap invocation removed, it will enter an infinite loop and therefore cause DoS (continuous loop or a device reset).π Read
via "National Vulnerability Database".
π¦Ώ Knockoff semiconductor chips flood the enterprise market π¦Ώ
π Read
via "Tech Republic".
As the predominantly pandemic-caused global chip shortage rolls on, businesses are now facing another challenge β component scams and bogus supply-chain claims.π Read
via "Tech Republic".
TechRepublic
Knockoff semiconductor chips flood the enterprise market
As the predominantly pandemic-caused global chip shortage rolls on, businesses are now facing another challengeβcomponent scams and bogus supply-chain claims.
βΌ CVE-2021-39273 βΌ
π Read
via "National Vulnerability Database".
In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrary code execution with root privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36762 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no '\0' byte exists within a reasonable range).π Read
via "National Vulnerability Database".
βΌ CVE-2020-35684 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller than the size of the IP header, the TCP checksum computation function may read out of bounds (a low-impact write-out-of-bounds is also possible).π Read
via "National Vulnerability Database".
βΌ CVE-2021-27565 βΌ
π Read
via "National Vulnerability Database".
The web server in InterNiche NicheStack through 4.0.1 allows remote attackers to cause a denial of service (infinite loop and networking outage) via an unexpected valid HTTP request such as OPTIONS. This occurs because the HTTP request handler enters a miscoded wbs_loop() debugger hook.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39274 βΌ
π Read
via "National Vulnerability Database".
In XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during installation, allowing an unprivileged user to modify the main application and the application configuration file. This results in arbitrary code execution with root privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31401 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in tcp_rcv() in nptcp.c in HCC embedded InterNiche 4.0.1. The TCP header processing code doesn't sanitize the value of the IP total length field (header length + data length). With a crafted IP packet, an integer overflow occurs whenever the value of the IP data length is calculated by subtracting the length of the header from the total length of the IP packet.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35685 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. (Proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.)π Read
via "National Vulnerability Database".
βΌ CVE-2020-35683 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a Denial-of-Service.π Read
via "National Vulnerability Database".
β Postmortem on U.S. Census Hack Exposes Cybersecurity Failures β
π Read
via "Threat Post".
Government says cybersecurity failures were many within failed January hack of U.S. Census Bureau systems.π Read
via "Threat Post".
Threat Post
Postmortem on U.S. Census Hack Exposes Cybersecurity Failures
Government says cybersecurity failures were many within failed January hack of U.S. Census Bureau systems.
π¦Ώ 83 million devices using the Kalay protocol are at risk for remote takeover. Are yours? π¦Ώ
π Read
via "Tech Republic".
ThroughTek's Kalay is used to manage security cameras, baby monitors, DVRs and more. A newly discovered flaw lets attackers watch, listen and steal recordings from hardware sold by dozens of vendors.π Read
via "Tech Republic".
TechRepublic
83 million devices using the Kalay protocol are at risk for remote takeover. Are yours?
ThroughTek's Kalay is used to manage security cameras, baby monitors, DVRs and more. A newly discovered flaw lets attackers watch, listen and steal recordings from hardware sold by dozens of vendors.