IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass Vulnerabilities

IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 including Cloud version 11.5 suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. title: Multiple Vulnerabilities product: IBM Infosphere Information Server / Datastage...

IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: IBM Infosphere Information Server / Datastage vulnerable version: 9.1, 11.3, and 11.5 including Cloud version 11.5 fixed version: - CVE...

USN-3367-1: gdb vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Hanno Böck discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacke...

USN-3367-1: gdb vulnerabilities

Hanno Böck discovered that gdb incorrectly handled certain malformed AOUT headers in PE executables. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause gdb to crash, resulting in a denial of service, or possibly...

CVE-2017-8463

Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it improperly handles executable files and share...

Threat Round-up for June 30 - July 07

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 30 and July 07. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior characteristics,...

PPEE (Puppy) - Professional PE file Explorer for reversers and malware researchers

There are lots of tools out there for statically analyzing malicious binaries, but they are ordinary tools for ordinary files. Puppy is a lightweight yet strong tool for static investigation of suspicious files. A companion plugin is also provided to query the file in the well-known malware...

Installer of Vivaldi for Windows may insecurely load executable files

Overview The installer of Vivaldi for Windows contains an issue in the file search path when loading files, which may insecurely load executable files CWE-427. Eiji James Yoshida of Security Professionals Network Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

Apache Struts Jakarta Multipart Parser OGNL Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Apache Struts Jakarta Multipart Parser OGNL Injection', 'Description' = %q This module exploits a remote code execution...

DEBIAN-CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

Newly Discovered Mac Malware with Ancient Code Spying on Biotech Firms

Security researchers have discovered a rare piece of Mac-based espionage malware that relies on outdated coding practices but has been used in some previous real-world attacks to spy on biomedical research center computers. Dubbed Fruitfly, the malware has remained undetected for years on macOS...

CVE-2016-10031

WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...

CVE-2016-10072

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...

Analyze Suspected Malware Documents: QuickSand

Analyze Suspected Malware Documents QuickSand is a compact C framework to analyze suspected malware documents to 1 identify exploits in streams of different encodings, 2 locate and extract embedded executables. By having the ability to locate embedded obfuscated executables, QuickSand could detec...

MS16-140: Security Update for Boot Manager (3193479)

The remote Windows host is missing a security update. It is, therefore, affected a security bypass vulnerability in Windows Secure Boot due to the use of an insecure boot policy in firmware. A local attacker can exploit this issue to disable code integrity checks, allowing test-signed executables...

Veil Evasion Payloads

Veil-Evasion is an open source tool that generates malicious executables. A remote attacker could send executable files to an unprotected system, and trigger their execution on that system...

MorphAES - IDPS & SandBox & AntiVirus STEALTH KILLER

MorphAES is the world's first polymorphic shellcode/malware engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS, it's cross-platform as well and library-independent. Properties: Polymorphism AES encryption Metamorphism logic and constant...

Hancitor Malware Shifts Infection Strategies

Researchers said a new variant of the Hancitor downloader has shifted tactics and adopted new dropper strategies and obfuscation techniques on infected PCs. Researchers at Palo Alto Networks are currently tracking the biggest push of the Hancitor family of malware since June that it says has...

Manalyze - A static analyzer for PE executables

Manalyzer is a free service which performs static analysis on PE executables to detect undesirable behavior. A static analyzer for PE files Manalyze was written in C++ for Windows and Linux and is released under the terms of the GPLv3 license . It is a robust parser for PE files with a flexible...

IDPS SandBox AntiVirus Stealth Killer: MorphAES

IDPS SandBox AntiVirus Stealth Killer MorphAES is the world’s first polymorphic shellcode/malware engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS, it’s cross-platform as well and library-independent. Properties: Polymorphism AES...