New FakeNet-NG Feature: Content-Based Protocol Detection

I Matthew Haigh recently contributed to FLARE’s FakeNet-NG network simulator by adding content-based protocol detection and configuration. This feature is useful for analyzing malware that uses a protocol over a non-standard port; for example, HTTP over port 81. The new feature also detects and...

shadowsocks-libev 3.1.0 - Command Execution

X41 D-Sec GmbH Security Advisory: X41-2017-010 Command Execution in Shadowsocks-libev ====================================== Overview -------- Severity Rating: High Confirmed Affected Versions: 3.1.0 Confirmed Patched Versions: N/A Vendor: Shadowsocks Vendor URL:...

Ikraus Anti Virus 2.16.7 - Remote Code Execution

Vulnerability summary The following advisory describes an remote code execution found in Ikraus Anti Virus version 2.16.7. KARUS anti.virus “secures your personal data and PC from all kinds of malware. Additionally, the Anti-SPAM module protects you from SPAM and malware from e-mails. Prevent...

A secure captive portal browser with automatic DNS detection

Captive portals are the worst. Flaky detection. The OS and browser try to detect these annoying network features but fail quite often, leaving you with broken connections. DID YOU KNOW that probe-based captive portal detection really doesn't work very well, with 30% FP and 30% FN rate in Chrome? ...

Trend Micro Mobile Security for Enterprise Proxy Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the modTMCSS Proxy functionality. When parsing certain...

Trend Micro Mobile Security for Enterprise Proxy Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the modTMCSS Proxy functionality. When parsing certain paramete...

McAfee LiveSafe 16.0.3 - Man In The Middle Registry Modification Leading to Remote Command Execution

McAfee LiveSafe 16.0.3 - Man In The Middle Registry Modification Leading to Remote Command Execution Vulnerabilities Summary The following advisory describes a Remote Command Execution found in McAfee McAfee LiveSafe MLS versions prior to 16.0.3. The vulnerability allows network attackers to modi...

McAfee LiveSafe 16.0.3 - Man In The Middle Registry Modification Leading to Remote Command Execution

Vulnerabilities Summary The following advisory describes a Remote Command Execution found in McAfee McAfee LiveSafe MLS versions prior to 16.0.3. The vulnerability allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response. McAfee...

The bundled Atlassian OAuth plugin allows arbitrary HTTP requests to be proxied - CVE-2017-9506

The version of the bundled Atlassian OAuth plugin was vulnerable to Server Side Request Forgery SSRF. This allowed a XSS and or a SSRF attack to be performed. More information about the Atlassian OAuth plugin issue see https://ecosystem.atlassian.net/browse/OAUTH-344 . When running in an...

Posh-SSH - PowerShell Module for automating tasks on remote systems using SSH

Windows Powershell module that leverages a custom version of the SSH.NET Library http://sshnet.codeplex.com/ to provide basic SSH functionality in Powershell. The main purpose of the module is to facilitate automating actions against one or multiple SSH enabled servers. This module is for Windows...

Microsoft Edge Chakra - JavascriptFunction::EntryCall Fails to Handle CallInfo Properly

Microsoft Edge Chakra - JavascriptFunction::EntryCall Fails to Handle CallInfo Properly GetScriptContext, Js::Constants::MinStackDefault; RUNTIMEARGUMENTSargs, callInfo; ScriptContext scriptContext = function-GetScriptContext; Assert!callInfo.Flags & CallFlagsNew; /// /// Check Argument0 has...

Microsoft Edge Chakra - 'JavascriptFunction::EntryCall' Fails to Handle 'CallInfo' Properly

GetScriptContext, Js::Constants::MinStackDefault; RUNTIMEARGUMENTSargs, callInfo; ScriptContext scriptContext = function-GetScriptContext; Assert!callInfo.Flags & CallFlagsNew; /// /// Check Argument0 has internal Call property /// If not, throw TypeError /// if args.Info.Count == 0 ||...

Microsoft Edge: Chakra: JavascriptFunction::EntryCall doesn't handle CallInfo properly(CVE-2017-8671)

Here's the method. Var JavascriptFunction::EntryCallRecyclableObject function, CallInfo callInfo, ... PROBESTACKfunction-GetScriptContext, Js::Constants::MinStackDefault; RUNTIMEARGUMENTSargs, callInfo; ScriptContext scriptContext = function-GetScriptContext; Assert!callInfo.Flags & CallFlagsNew;...

HTTP Load Generator: hey

hey is a tiny program that sends some load to a web application – ApacheBench ab replacement. hey was originally called boom and was influenced from Tarek Ziade’s tool at tarekziade/boom . Installation go get -u github.com/rakyll/hey Note: Requires go 1.7 or greater. Usage hey runs provided numbe...

U.S. Dept Of Defense: File Upload Restriction Bypass

Summary: A file upload function allows users to specify their own file name on the server, which allows a user to upload as many images as they would like, potentially causing an Application Denial of Service. Description: The listserv 16.0 server at http://████████ allows users to upload their o...

[SECURITY] Fedora 26 Update: curl-7.53.1-10.fc26

curl is a command line tool for transferring data with URL syntax, supporti ng FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, I MAP, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

High Schooler Nets $10,000 For Google Bug

Google fixed a bug last month that could have let anyone access an internal Google website and in turn access sensitive data. The company awarded a hefty $10,000 bounty to the researcher that uncovered it, Ezequiel Pereira, an Uruguayan high school student, last Friday. Pereira stumbled upon the...

A WebSocket Manipulation Proxy: WSSiP

Short for “WebSocket/Socket.io Proxy”, this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view all WebSocket and Socket.IO communications between the client and server. Upstream proxy support also means you can forward HTTP/HTTPS traffic to an...

NetworkManager and libnl3 security, bug fix and enhancement update

NetworkManager 1:1.8.0-9 - device: don't change MTU unless explicitly configured rh 1460760 - core: don't remove external IPv4 addresses rh 1459813 1:1.8.0-8 - cli: fix output of iface in overview output rh1460219 - ppp: unexport NMPPPManager instance on dispose rh1459579 - cli: remove spurious...

Command injection

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4745...