Nokogiri gem, via libxml, is affected by DoS and RCE vulnerabilities

The version of libxml2 packaged with Nokogiri contains several vulnerabilities. Nokogiri has mitigated these issues by upgrading to libxml 2.9.5. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial ...

Apache Struts, RCE and Managing App Risk

People used to argue about whether cyber security is a business problem or a technical problem. But this frames the issue poorly. “Problem” and “solution” imply that there is a definitive “solve.” Cybercrime isn’t a technical problem that can be definitively solved. It is an inherent business ris...

VaultPress 1.89-1.9 - Unauthenticated RCE

The builtin WAF must be disabled or bypassed for successful exploitation. v1.89 - Improper usage of opensslverify - signature compare - timing attack unsafe v1.9 - signature compare - timing attack unsafe...

Remote Code Execution (RCE)

ansible-vault is vulnerable to remote code execution RCE attacks. The application uses the unsafe yaml.load method to deserialize YAML files, allowing a malicious user to inject and execute arbitrary python code...

Trend Micro Mobile Security for Enterprise update_group Id SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the updategroup action. When parsing the 'id'...

Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit

Exploit for windows platform in category remote exploits require 'msf/core' require 'msf/core/exploit/phpexe' class MetasploitModule 'Trend Micro Control Manager importFile Directory Traversal RCE', 'Description' = %q This module exploits a directory traversal vulnerability found in Trend Micro...

Microsoft PowerPoint 2016 Multiple RCE Vulnerabilities (KB4011041)

This host is missing an important security update according to Microsoft KB4011041 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

September Patch Tuesday: 27 Critical Vulnerabilities from Microsoft, plus Critical Adobe Patches

Today Microsoft released a fairly large batch of patches covering 81 vulnerabilities as part of September’s Patch Tuesday update, with 38 of them impacting Windows. Patches covering 27 of these vulnerabilities are labeled as Critical, and 39 can result in Remote Code Execution RCE. According to...

Wireless 'BlueBorne' Attacks Target Billions of Bluetooth Devices

Researchers disclosed a bevy of Bluetooth vulnerabilities Tuesday that threaten billions of devices from Android and Apple smartphones to millions of printers, smart TVs and IoT devices that use the short-range wireless protocol. Worse, according to researchers at IoT security firm Armis that fou...

Remote Code Execution (RCE) Through Heap-based Buffer Overflow

freexl is vulnerable to remote code execution RCE Through heap based buffer overflow. The library does not check the content and dimension of the XLS files input to the readbiffnextrecord function, allowing the vulnerability to be triggered when a malicious XLS file is passed to the application...

Remote Code Execution (RCE) Via Heap-based Buffer Overflow Vulnerability

freexl is vulnerable to remote code execution RCE via heap based buffer overflow. The attackers can get full control over the heap overflow since it does not check the content and dimension of the XLS files input to the readlegacybiff function. The vulnerability can be triggered only when malicio...

Microsoft Office CVE-2017-8567 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

CVE-2017-9805: Analysis of Apache Struts RCE Vulnerability in REST Plugin

Just two months ago we published an analysis of a critical remote code execution RCE security vulnerability in Apache Struts. Now Apache Struts has published a new version fixing yet another critical RCE vulnerability September 5, 2017. CVE-2017-9805 is a vulnerability in Apache Struts related to...

CVE-2017-9805: Apache Struts Remote Code Execution | Cloud Foundry

Severity Advisory/Critical Vendor Apache Versions Affected Apache Struts 2: 2.3.x versions prior to 2.3.34 2.5.x versions prior to 2.5.13 Description An RCE attack is possible when using the Struts REST plugin with XStream handler to deserialise XML requests 1. Affected Cloud Foundry Products and...

A2Billing Backup File Download / RCE Vulnerabilities

A2Billing is prone to backup file download and remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache Struts 2.5 < 2.5.12 - REST Plugin XStream Remote Code Execution Exploit

Apache Struts versions 2.5 through 2.5.12 using the REST plugin are vulnerable to a Java deserialization attack in the XStream library. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache...

Apache Struts Security Update (S2-052) - Active Check

Apache Struts is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Exploit for Deserialization of Untrusted Data in Apache Struts

Description Apache Struts RCE tool for CVE 2017-9805 O...

Apache Struts 2 REST Plugin XStream XML Request Deserialization RCE

The remote web application appears to use the Apache Struts 2 web framework. A remote code execution vulnerability exists in the REST plugin, which uses XStreamHandler to insecurely deserialize user-supplied input in XML requests. An unauthenticated, remote attacker can exploit this, via a...

A2billing 2.x Backup Disclosure / Code Execution / SQL Injection Vulnerabilities

A2billing version 2.x suffers from backup disclosure, remote code execution, and remote SQL injection vulnerabilities. Title : A2billing 2.x , Unauthenticated Backup dump / RCE flaw Vulnerable software : A2billing 2.x Author : Ahmed Sultan 0x4148 Email : email protected Home : 0x4148.com Linkedin...