CIRT Team
in Security Advisories & Alerts
Multiple Vulnerabilities in HP Intelligent Management Center (iMC) Could Allow for Arbitrary Code Execution.
DESCRIPTIONMultiple vulnerabilities have been discovered in HP Intelligent Management Center (iMC), the most severe of which could allow for arbitrary code execution. HP Intelligent Management Center (iMC) is software platform used to manage enterprise network environments. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution within the context of a privileged process. Attackers can exploit these issues to execute...
Read More
in Security Advisories & Alerts
Oracle Quarterly Critical Patches Issued October 20, 2020
DESCRIPTIONMultiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution. SYSTEM AFFECTED • Application Performance Management (APM), versions 13.3.0.0, 13.4.0.0 • Big Data Spatial and Graph, versions prior to 3.0 • Enterprise Manager Base Platform, versions 13.2.1.0, 13.3.0.0, 13.4.0.0 • Enterprise Manager for Peoplesoft, version 13.4.1.1 • Enterprise Manager for Storage Management, versions 13.3.0.0, 13.4.0.0 • Enterprise Manager Ops Center,...
Read More
in Articles, English articles, News
BGD e-GOV CIRT has successfully organized country’s First Cyber Drill 2020
BGD e-GOV CIRT has successfully organized country’s 1st cyber drill on 22 October 2020. It was designed for the personnel of financial institutions. The purpose of this drill was to sharpen skills during incident handling. Challenges consisted of the use of hands-on skills, tools and real targets, real memory captures, and challenging analysis scenarios. The theme for this event was “Incident Handling in Financial Institute”....
Read More
in Security Advisories & Alerts
Multiple Vulnerabilities in Magento CMS Could Allow for Remote Code Execution (APSB20-59)
DESCRIPTIONMultiple vulnerabilities have been discovered in Magento CMS, the most severe of which could allow for arbitrary code execution. Magento is a web-based e-commerce application written in PHP. Successful exploitation of the most severe of these vulnerabilities could result in arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new...
Read More
in Security Advisories & Alerts
A Vulnerability in Juniper Junos OS Could Allow for Denial of Service
DESCRIPTIONA vulnerability has been discovered in Juniper Junos OS, which could allow for denial of service. Junos OS is a FreeBSD-based operating system used in Juniper Networks routers. This vulnerability specifically affects MX Series routers and EX9200 series switches with Trio-based PFEs configured with IPv6 Distributed Denial of Service (DDoS) protection mechanism enabled. An attacker can exploit this issue to disrupt network protocol operations or...
Read More
in Security Advisories & Alerts
Multiple Vulnerabilities in SonicWALL Sonic OS Could Allow for Arbitrary Code Execution
DESCRIPTIONMultiple vulnerabilities have been discovered in SonicWALL Sonic OS, the most severe of which could allow for arbitrary code execution. SonicWALL is a firewall and cybersecurity solution vendor. Successful exploitation of the most severe of these vulnerabilities could allow for buffer overflow within the context of the application. Attackers may exploit this issue to execute arbitrary code within the context of the affected application. Failed...
Read More
in Articles, English articles, News
BGD e-GOV CIRT Cyber Drill 2020
Date: 22 October 2020 Theme: Incident Handling in Financial Institution Registration: Click for registration: https://www.cirt.gov.bd/gym-registration/ BGD e-GOV CIRT is proud to present its 2020 Drill. We are very exultant to announce that, BGD e-GOV CIRT is arranging a challenging Event for Cyber Security professionals, especially for financial institute personnel. The purpose of this drill is to sharpen your skills during incident handling. Challenges require the...
Read More
in Security Advisories & Alerts
CVE-2020-16898(aka”Bad Neighbor”): Windows TCP/IP Remote Code Execution Vulnerability
DESCRIPTIONA remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. IMPACTAn attacker who successfully exploited this vulnerability...
Read More
