by CIRT Team
Apple Releases Security Updates
Description: Apple has released security updates to address vulnerabilities in multiple products. The products addressed are as below : iOS 11 Safari 11 tvOS 11 watchOS 4 Xcode 9 Impact: Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT208112 https://support.apple.com/en-us/HT208116 https://support.apple.com/en-us/HT201222...
Read More
by CIRT Team
Apache Tomcat Remote Code Execution via JSP Upload & Information Disclosure
Description: The Apache Foundation has released security updates to address vulnerabilities in Apache Tomcat. When running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by...
Read More
by CIRT Team
Avast’s Piriform Releases Security Update for CCleaner
Description: Piriform, a subsidiary of Avast, has released CCleaner 5.34 and has pushed v1.07.3214 to CCleaner Cloud users. These versions do not contain the Floxif malware found in the 32-bit versions of CCleaner 5.33.6162 and CCleaner Cloud 1.07.3191 Impact: An unauthorized modification of the CCleaner.exe binary resulted in an insertion of a two-stage backdoor capable of running code received from a remote IP address on...
Read More
by CIRT Team
VMware Releases Security Updates
Description: VMware releases security updates to address vulnerabilities. This release consists of security updates for the following software: ESXi vCenter Server Fusion Workstation Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2017-0015.html
by CIRT Team
Microsoft Releases September 2017 Security Updates
Description: Microsoft releases security updates for September 17. This release consists of security updates for the following software: Microsoft Excel 2016 for Mac Microsoft Office 2016 for Mac Microsoft .NET Framework Windows Server 2008 Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for more information. Reference URL’s: https://portal.msrc.microsoft.com/en-us/security-guidance/summary https://support.microsoft.com/en-us/help/20170912/security-update-deployment-information-september-12-2017
by CIRT Team
Sudo CVE-2017-1000368 Incomplete Fix Local Privilege Escalation Vulnerability
Description: Todd Miller’s sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution. Impact: Local attackers could exploit this issue to run arbitrary commands with root privileges. This issue is fixed in sudo 1.8.20p2. NOTE: This issue is the result of an incomplete fix for the issue described in BID 98745...
Read More
by CIRT Team
Apache Struts CVE-2017-9805 Remote Code Execution Vulnerability
Description: The REST Plugin is using a XStreamHandler with an instance of XStream for deserialization without any type filtering and this can lead to Remote Code Execution when deserializing XML payloads. Impact: Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Apache Struts 2.5 through 2.5.12...
Read More
by CIRT Team
CVE-2017-6768: Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability
Description: A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. Impact: An attacker...
Read More
by CIRT Team
CVE-2017-6767: Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability
Description: A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are higher or lower than what should have been granted. The attacker cannot gain root-level privileges. The vulnerability is due to...
Read More
by CIRT Team
CVE-2017-6780: Cisco IoT Field Network Director Memory Exhaustion Denial of Service Vulnerability
Description: A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart. Impact: An attacker could exploit this vulnerability by sending a high rate of TCP packets to a specific group of open listening ports on a targeted device. An exploit could...
Read More
