96 matches found

ThreatPost
added 2019/05/28 2:39 p.m. | 549 views

One Million Devices Open to Wormable Microsoft BlueKeep Flaw

One million devices are still vulnerable to BlueKeep, a critical Microsoft bug with “wormable” capabilities, almost two weeks after a patch was released. The flaw CVE-2019-0708 was fixed during Microsoft’s May Patch Tuesday Security Bulletin earlier this month. System administrators were urged to...

CVSS 10 | AI score 1.2 | EPSS 0.94454
Exploits 123 | References 18
IBM Security Bulletins
added 2019/03/14 6:10 p.m. | 23 views

Security Bulletin: Cloudant Local Apache CouchDB CVE-2018-17188: Remote Privilege Escalations

Summary: Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this led to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it...

CVSS 7.2 | AI score 0.7 | EPSS 0.01384
Exploits 0 | Affected Software 1
Pen Test Partners Blog
added 2018/12/13 9:1 a.m. | 29 views

Satellite communications equipment security

Introduction Satcoms are the game changer in maritime cyber security. In the past, satellite connectivity was so expensive as to be prohibitive for all but the most essential communication. Crew personal email and social media access was a pipe dream. However, now that ship operators have access ...

AI score 6.9
Exploits 0
ThreatPost
added 2018/03/15 5:47 p.m. | 15 views

Walmart Jewelry Partner Exposes Personal Data Of 1.3M Customers

A misconfigured Amazon S3 Simple Storage Service bucket, managed by a Walmart jewelry partner, left personal details and contact information of 1.3 million customers exposed to the public internet. The S3 repository containing a MSSQL database backup belongs to MBM Company, a Chicago, Ill.-based...

AI score 0.4
Exploits 0 | References 3
UbuntuCve
added 2017/11/14 8:29 p.m. | 31 views

CVE-2017-12636

CouchDB administrative users can configure the database server via HTTPS. Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitra...

CVSS 9 | AI score 7.1 | EPSS 0.93752
Exploits 15 | References 3
Prion
added 2017/09/14 1:29 p.m. | 13 views

Default credentials

Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the...

CVSS 4 | AI score 6.4 | EPSS 0.00267
Exploits 0 | References 2 | Affected Software 1
CVE
added 2017/09/14 1:0 p.m. | 54 views

CVE-2017-1002100

CVE-2017-1002100 concerns default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider (versions 1.6.0–1.6.5). The issue is that PVs are configured with the container access mode, exposing a URI on the public internet without requiring authentication. Acc...

CVSS 6.5 | AI score 6.3 | EPSS 0.00267
Exploits 0 | References 2 | Affected Software 1
NVD
added 2017/07/31 3:29 a.m. | 10 views

CVE-2017-9494

The Comcast firmware on Motorola MX011ANM firmware version MX011AN2.9p6s1PRODsey devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet...

CVSS 5.3 | AI score 5.5 | EPSS 0.00185
Exploits 0 | References 1
OSV
added 2017/07/31 3:29 a.m. | 1 views

CVE-2017-9488

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST and DPC3941T firmware version DPC39412.5s3PRODsey devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then entering unspecified hardcoded...

CVSS 8.8 | AI score 5.8 | EPSS 0.00296
Exploits 1 | References 1
Prion
added 2017/07/31 3:29 a.m. | 9 views

Code injection

The Comcast firmware on Motorola MX011ANM firmware version MX011AN2.9p6s1PRODsey devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet...

CVSS 5 | AI score 7.5 | EPSS 0.00185
Exploits 0 | References 1 | Affected Software 1
CNVD
added 2016/10/16 12:0 a.m. | 2 views

IBM Sterling Secure Proxy Configuration Manager Session Reuse Vulnerability

IBM Sterling Secure Proxy (SSP) is an unprotected zone (DMZ)-based application proxy from IBM USA that protects file transfers from the public Internet. Configuration Manager is one of the configuration management components. A session reuse vulnerability exists in Configuration Manager in IBM SSP. A...

CVSS 5.9 | AI score 7 | EPSS 0.00204
Exploits 0 | References 1
ThreatPost
added 2016/10/15 9:0 a.m. | 9 views

Sierra Wireless Warns Cellular Data Gear Targeted by Mirai Malware

Sierra Wireless is warning customers to change default factory credentials on its AireLink gateway communications gear or risk being infected by Mirai malware. Mirai malware scans the Internet for IoT gear such as DVRs and IP-enabled cameras and other devices that are protected by default or...

AI score 2
Exploits 0 | References 5
Hacker One
added 2015/11/22 4:11 a.m. | 21 views

Imgur: Imgur dev environments facing the Internet

A security group configuration error allowed Imgur development environments to face the public internet. Typically these environments were protected behind a special endpoint which would open access to authenticated Imgur employees for a short time window. Since the development environments were...

AI score 1.5
Exploits 0
securityvulns
added 2013/10/02 12:0 a.m. | 73 views

CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS

Multiple Vulnerabilities in the Adtran Netvanta 7100 Impact: Multiple Local and Remote Compromise, XSS and other Injection Attacks Versions: firmware prior to R10.5.3.HA Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Multiple Vulnerabilities in Adtran Netvanta 7100 Date...

CVSS 4.3 | AI score 1.3 | EPSS 0.00225
Exploits 0
ThreatPost
added 2009/05/04 2:10 p.m. | 9 views

Compliance demands prevented repair of virus-infected medical devices

From CNet News Stephanie Condon The Conficker Working Group several months ago discovered several hundred medical devices that had been infected with the Conficker worm and set about alerting the affected hospitals to the problem. The disinfection process should have been straightforward, but the...

AI score 1.9
Exploits 0 | References 3
securityvulns
added 2002/10/16 12:0 a.m. | 37 views

Ingenium Admin Password Vulnerability

The vendor was contacted, but I have not received any response other than an autoresponder over the past week... -E Security Advisory -- Click2Learn's Ingenium LMS Brian Enigma [email protected] http://netninja.com/papers/ingenium/ ----------------------- OVERVIEW ----------------------- Produc...

AI score 7.3
Exploits 0