157 matches found
TAU Threat Analysis: Medusa Locker Ransomware
In recent weeks Carbon Black’s Threat Analysis Unit TAU has seen an increase in the number of infections attributed to the Medusa Locker ransomware family. There were notable traits exhibited by Medusa Locker in these attacks that warranted further investigation to determine behavioral tactics th...
Apple Explains Mysterious iPhone 11 Location Requests
KrebsOnSecurity ran a story this week that puzzled over Apple's response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user's location even when all applications and system services are individually set never to reque...
CVE-2019-10724
The CVE-2019-10724 issue affects Dolby DAX2 API system services and allows a low-privileged user to terminate arbitrary higher-privilege processes. Affected products/versions include Lenovo laptops/desktops listed with Dolby driver 6.0.1.8642 (and related builds). CVSS data indicate NETWORK acces...
EulerOS Virtualization 2.5.3 : systemd (EulerOS-SA-2019-1180)
According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd...
EulerOS Virtualization 2.5.4 : systemd (EulerOS-SA-2019-1217)
According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd...
Improper access control
Incorrect Access Control in modinetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter...
CVE-2018-18004
Incorrect Access Control in modinetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter...
CVE-2018-18004
Incorrect Access Control in modinetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter...
CVE-2018-18004
CVE-2018-18004 affects VIVOTEK Network Camera Series via mod_inetd.cgi in firmware before XXXXXX-VVTK-0X09a. Root cause: incorrect access control that permits remote attackers to trigger arbitrary system services through a URL parameter. Impact: potential partial integrity impact by enabling unin...
Microsoft Windows: Service: Windows Media Player Network Sharing Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winmediaplayernetsharing.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Windows Media Player Network Sharing Service WMPNetworkSvc Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...
Microsoft Windows 10: Service: Windows Mobile Hotspot Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winmobilehotspot.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Windows Mobile Hotspot Service icssvc Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program i...
Microsoft Windows 10: Service: Downloaded Maps Manager
This test checks the setting for policy OpenVAS Vulnerability Test $Id: windownloadedmapsmanager.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Downloaded Maps Manager MapsBroker Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This...
Microsoft Windows: Service:World Wide Web Publishing Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winwwwpublishing.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for World Wide Web Publishing Service W3SVC Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program...
Microsoft Windows: Service: Remote Access Auto Connection Manager
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winrasauto.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Remote Access Auto Connection Manager RasAuto Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program...
Microsoft Windows: Service: HomeGroup Listener
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winhomegroupprovider.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for HomeGroup Provider HomeGroupProvider Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This progra...
Microsoft Windows: Service: Microsoft FTP Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winftpservice.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Microsoft FTP Service FTPSVC Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Microsoft Windows: Service: IIS Admin Service
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winiisadminservice.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for IIS Admin Service IISADMIN Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Microsoft Windows: Service: Remote Registry
This test checks the setting for policy OpenVAS Vulnerability Test $Id: winremoteregistry.nasl 11344 2018-09-12 06:57:52Z emoss $ Check value for Remote Registry RemoteRegistry Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Microsoft Windows: Service: PNRP Machine Name Publication Service
The service SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.109267";...
MGASA-2018-0257 Updated virtualbox packages fix security vulnerabilities
This update provides virtualbox 5.2.12 and fixes the following security issues: Unauthorized remote attacker may have caused a hang or frequently repeatable crash complete DOS CVE-2018-0739. Attacker with host login may have compromised Virtualbox or further system services after interaction with...