7620 matches found
An SMB vulnerability with a 20-year history: a Raspberry Pi can DoS a large server, and Microsoft will not fix this vulnerability-vulnerability warning-the black bar safety net
In the vast majority of DoS attacks, the target system receives a large number of service requests and ultimately ends up in a denial-of-service state. In fact, with the development of technology, putting a current system into a “denial of service” state requires massive request...
Vulnerabilities exposed in smart cameras from a manufacturer in Shenzhen, China: at least 17.5 million devices can be attacked remotely
Security firms Bitdefender and Checkmarx have released reports: security researchers found remote intrusion vulnerabilities in several common smart cameras, involving VStarcam, Loftek, and Neo IP cameras. Among them, the Neo IP camera is from the Shenzhen, China manufacturer beautiful...
Apache Kafka readObject vulnerability analysis report
I. Background. Apache Kafka is an open-source stream processing platform developed by Apache, written in Scala and Java. The project aims to provide a unified, high-throughput, low-latency platform for real-time data processing. II. Vulnerability overview. Kafka the internal...
Analysis of the HAB vulnerabilities in NXP i.MX microprocessors
I. Foreword. Two vulnerabilities exist in the Secure Boot feature of the i.MX series application processors produced by NXP Semiconductors. The two vulnerabilities were found by two Quarkslab researchers, Guillaume Delugré and Kévin Szkudłapski. This article on the two vulnerabilit...
How I bypassed Uber's Single Sign-On authentication mechanism through a subdomain takeover
Uber's website saostatic.uber.com, which uses the Amazon CloudFront CDN architecture, has a subdomain security vulnerability that lets an attacker take it over. In addition, Uber recently deployed the site auth.uber.com, based on cookie sharing across all Uber subdomains to achieve authentication of...
VMware virtual machine escape patch analysis
I. Foreword. A virtual machine is a fully isolated guest operating system installed inside a normal host OS. Virtual machine escape refers to the process of breaking through the virtual machine's limits and interacting with the host OS; an attacker can through a...
From an SSRF execution chain to RCE: how I exploited four vulnerabilities in GitHub Enterprise
In the past few months, I have been seriously preparing my talks for the 2017 Black Hat USA conference and DEF CON 25; becoming a Black Hat and DEF CON speaker has always been a very important goal in my life. In addition, this is also my first time in such a formal occasio...
Tomcat Security Constraint Bypass CVE-2017-5664 analysis
1. The role of DefaultServlet. As I said in an earlier article, the role of JspServlet is to handle requests for jsp and jspx files, while non-jsp/jspx requests are handled by the DefaultServlet. It is different, but because it is of little value it is not discussed much here; here we simply believe that...
Research on a vulnerability in the Segway miniPRO self-balancing scooter
The Segway miniPRO electric self-balancing scooter has a critical security vulnerability that a malicious attacker could exploit to take complete control of the scooter. The latest IOActive study found that the Segway miniPRO electric self-balancing scooter has a critical security...
Analysis of a session hijacking vulnerability in Oracle OAM 10g
Oracle OAM (Oracle Access Manager) is the SSO solution produced by Oracle. Researchers abroad recently disclosed that in Oracle OAM 10g a misconfigured OAM leads to remote session hijacking; however, the majority of enterprises do not configure it correctly, so evidently this...
VMware virtual machine escape vulnerability (CVE-2017-4901): exploit code analysis and use
0×01 Event analysis. On July 19, 2017, unamer released on GitHub exploit source code, written in C++, for a VMware virtual machine escape. It allegedly affects versions before VMware Workstation 12.5.5, and comes with a demonstration of the process, to go from the virtual machine to the host...
Source game remote code execution vulnerability analysis
Valve's Source SDK contains a buffer overflow vulnerability that allows arbitrary code execution on both clients and servers. The vulnerability is triggered when a player is shot, which can cause a specific ragdoll model to be loaded. Multiple Source games in June 2017...
Security research team discloses 8 Apple iOS security vulnerabilities: hackers can attack easily
According to a report from the foreign media outlet ZDNet, the Israeli mobile security company Zimperium recently disclosed 8 Apple iOS system vulnerabilities that hackers can exploit to take complete control of a user's iOS device and obtain the device's GPS data, photos, and contact...
gSOAP open-source software development library exposed to “green rose” vulnerability, millions of IoT devices in jeopardy
Remember the Avanti vending machine vulnerability a few days ago that leaked a large amount of user information? It didn't take long for another attack on IoT devices to appear; this time the victim is an open-source software library used to develop IoT devices, which may affect millions of...
CVE-2017-7529 Nginx integer overflow vulnerability analysis
1. Vulnerability description. The Nginx range filter contains an integer overflow vulnerability that can be triggered by a malicious request with a specially crafted Range HTTP header, leading to information leakage...
Trend Micro Deep Discovery Director vulnerability analysis
Vulnerability information. Type: improper handling of special elements in an OS command (CWE-78), use of hard-coded cryptographic keys (CWE-321), insufficient verification of data authenticity (CWE-345). Impact: code execution. Remote exploit: Yes. Local exploit: Yes. CVE name: CVE-pending-assignment-1,...
Bypassing authentication by “hypnosis”: a vulnerability that has affected the Kerberos protocol for up to 20 years
Kerberos, a name derived from the Greek mythological “three-headed dog, the guard dog of Hades”, is an authentication protocol that uses tickets to allow nodes to communicate securely in an insecure network environment; it can prevent eavesdropping, to...
CVE-2017-4918: VMware Horizon macOS client code injection vulnerability analysis
In this article I want to discuss a code injection vulnerability in the VMware Horizon macOS client, version 4.4.0, 5164329, which can be used to obtain local root privileges. The good news is that this issue is already fixed in the latest version. 0x01 Analysis. On my MAC the above understanding...
Nginx range filter integer overflow vulnerability (CVE-2017-7529): early warning analysis
I. Background. A security issue was identified in the nginx range filter. A specially crafted request might result in an integer overflow and incorrect processing of ranges, potentially resulting in sensitive information leak (CVE-2017-7529). --...
CVE-2017-0283: Windows Uniscribe remote code execution vulnerability analysis
The last “Patch Tuesday” fixed an RCE vulnerability named “heap corruption in USP10!MergeLigRecords in Windows Uniscribe font processing”. Many days later, Mateusz Jurczyk of the Google Project Zero team released a report with a PoC. In the Windows of the library at the same time the presence of...
NTLM, LDAP & RDP relay vulnerability analysis
Over the past few months, the Preempt research team found and reported two vulnerabilities in Microsoft's NT LAN Manager (NTLM). These vulnerabilities share the same problem, i.e., NTLM does not correctly handle two different protocols. These issues are very important, because even turning on LDAP server...
Bug hunting techniques: analysis of a command injection vulnerability
Command injection is a common vulnerability pattern. Once a command injection vulnerability exists, an attacker may be able to execute arbitrary commands on the target system. Here we have to mention another vulnerability called remote code execution (RCE); many people always put these two...
6 interesting vulnerabilities reported to Flexport on HackerOne in one year
A year ago, the Internet freight forwarding company Flexport established a cooperative relationship with our HackerOne platform in order to improve the security of its customer data. As a globally well-known bug bounty platform, HackerOne allows all security enthusiasts and professional penetrati...
How I found an Uber vulnerability worth $8000
I have been studying Uber vulnerabilities for some time, and this is the first time I have published a report on an Uber vulnerability I discovered; I hope it can give you some interesting bug hunting ideas. In this article, I will share with you one that I discovered in the Uber system, an interesting...
Multiple serious vulnerabilities in a component of the German e-government communications system can lead to breaches of data exchanged by the government
On the eve of the G20 Summit, Germany vigorously strengthened its network security and established an all-weather command center. Most recently, SEC Consult security researchers found that the German e-government communications library Online Services computer interface the OS...
Nine vulnerabilities found by comparing the MS17-010 patch
[Translator's note] The smoke of MS17-010 cleared two months ago, and every IT security enthusiast who followed it learned something different. In the article translated here, the original author, drawing on the leaked NSA arsenal, found nine vulnerabilities in MS17-010 through patch comparison. The author fr...
From an XSS vulnerability in PhantomJS image rendering to SSRF/local file read vulnerabilities
I. Foreword. Recently I was invited to study a vulnerability reward project; the project generates a picture based on user input for users to download. After a period of exploration, I found an exploitation path that uses the XSS vulnerability inside the picture ...
Vulnerability warning | Tophant finds high-risk remote code execution vulnerability S2-048 in the Struts2 showcase
Recently, icez, a security researcher from Tophant, found a high-risk remote code execution vulnerability in the Struts2 showcase application. The Struts2 project has officially confirmed the vulnerability; the vulnerability number is S2-048, CVE number: CVE-2017-9791, the...
Struts2 hit by yet another high-risk vulnerability, S2-048
Vulnerability ID: CVE-2017-9791. Vulnerability author: icez ic3zqq.com. Affected version: Struts 2.3.x. Vulnerability rating: high risk. Brief description: when the Struts 1 plug-in is enabled in Struts 2, an attacker may cause RCE by using malicious field values. These...
Oracle Golden Gate critical vulnerability analysis
In this article, we will once again show that over-reliance on automated tools makes people overlook a lot of potential dangers; at the same time, we will also discuss some important technical weaknesses in Oracle Golden Gate, and show you yet anoth...
Discuz plug-in Bluegrass today WeChat voting: voting limit bypass and vote-stuffing vulnerability, with a Python script
Two days ago a bunch of friends were canvassing for votes online, which feels like an irony in front of a programmer (I am a programmer; when you are a programmer there are always people who think you can steal QQ accounts, attack, repair computers...). Straight to the topic. Tools used: 1...
Analysis of file upload vulnerabilities in both old and new versions of Wolf CMS
I. About Wolf CMS. Wolf CMS is a content management system (CMS) and free software released under the GNU General Public License v3. Wolf CMS is written in PHP and is a fork of Frog CMS. In 2010, Packt Publishing open source projects, the award of “Most Promising Open Source...
Document type vulnerabilities study
Bug hunting experience | Authentication vulnerability in the Yahoo Small Business service platform Luminate
In content management system development, an important and crucial step is the implementation of account authentication. The authentication function manages user login behavior and sessions to provide effective login access control. Typically, this authentication function generally consists of ...
CentOS 7 releases a kernel security update that fixes five vulnerabilities
CentOS system maintenance engineer Johnny Hughes today released a security bulletin asking users currently on the CentOS 7 series to deploy an important kernel security update as soon as possible. According to the upstream security bulletin published by Red Hat, the kernel update...
Using CTS for vulnerability detection, and an analysis of its principles
1. The CTS run process. 1.1 Download and compile the Android CTS source code. You can download CTS with git clone https://android.googlesource.com/platform/cts -b xxxxxxx and compile it, or you can download and compile the complete Android source code and then compile CTS; the comman...
Using CTS for vulnerability detection, and an analysis of its principles
The 360 Vulpecker team belongs to the 360 Information Security Department and is committed to vulnerability discovery in Android applications and the system layer, as well as other Android security research. Through our research on the CTS framework, we wrote a vulnerability detection aspect of the...
A heartfelt reminder: fix promptly! (Reflections on the analysis of a smart door lock)
Author: qimingxing e ADLab. Bug/Vul/Patch. No one can escape illness and death; we all know this is a law of nature. Similarly, no software can escape Bug (defect), Vul (vulnerability), and Patch (patch); in fact this is also a law of nature. Because software development is a complex activity, i...
Linux buffer overflow vulnerability disclosed: CVE-2017-9445
Buffer overflow: because of a design defect, data written into a program's input buffer overflows it, usually because the data exceeds the maximum amount the buffer can hold, thereby disrupting the program's operation, taking advantage of the interruption to get the program...
JasPer undefined pointer vulnerability analysis
0×01: Introduction. The JasPer project is an open-source project that provides a method based on part of the JPEG-2000 standard. This project was originally developed in collaboration by Image Power and the University of British Columbia. Currently, the ongoing JasPer software maintenance and developmen...
Analysis of the SQLiteManager vulnerabilities in the MAMP integrated environment suite
I. Foreword. MAMP is an integrated environment kit; the four letters stand for Apache, MySQL, and PHP running on Mac OS X. The MAMP kit includes SQLiteManager, and this SQLiteManager has multiple vulnerabilities. When a MAMP user visits a malicious website, an attacker can use sever...
Alpine Linux: from vulnerability discovery to code execution
I. Foreword. Recently I found two serious vulnerabilities in the Alpine Linux package manager, numbered CVE-2017-9669 and CVE-2017-9671. If you are using Alpine, an attacker may use these two vulnerabilities to execute malicious code on your host. Alpine Linux is a lightweight Linux...
FFmpeg arbitrary file read vulnerability analysis
Vulnerability analysis. The vulnerability was originally submitted to the HackerOne platform by neex, who eventually received a $1000 bonus; the original link is https://hackerone.com/reports/226756. According to the author, the exploitability of the vulnerability in the FFmpeg can handle...
AWS metadata service SSRF vulnerability analysis
I. Foreword. Recently I have been busy with a small project studying how to execute untrusted Python code in Docker containers. As the project required, I needed to test several online code execution engines and study how they react to various attacks. In the research process, I foun...
Analysis of a Firefox shared array buffer UAF exploit
This article explores a reference leak that occurs when the structured clone algorithm handles a shared array buffer. With the lack of overflow checking, it can be exploited to execute arbitrary code. The article is divided into the following sections: background, vulnerability, summary. We exploit...
Vulnerability warning | FFmpeg exposed to arbitrary file read vulnerability
Recently a white hat reported on the HackerOne platform an ffmpeg vulnerability in which the way ffmpeg processes HLS playlists can lead to local file exposure. Vulnerability description. On June 24, a white hat named neex on the HackerOne platform reported to the Russian social networking site VK.com...
Bluetooth App vulnerability series, analysis part three: CVE-2017-0645
0x01 Vulnerability overview. Android's June security bulletin also fixed a privilege escalation vulnerability we found in the Bluetooth App; the vulnerability allows a local unprivileged malicious program on the phone to construct a counterfeit Provider and get...
Exploiting CVE-2016-10277 in practice on the Moto X phone
CVE-2016-10277 is a high-risk vulnerability in the bootloader of Motorola series phones; through kernel command injection it can hijack the phone's startup process and load an attacker-controlled initramfs, thereby achieving root privilege escalation. We happened to have on hand a...
Stack Clash vulnerability in Linux may be exploited by hackers to obtain local root privileges
Last month, Qualys security researchers found a vulnerability called “Stack Clash” on a variety of Unix-based systems that could allow an attacker to gain root privileges on a UNIX system and take over the attacked computer. Currently security researchers discovered this flaw and are working with...
CVE-2011-3478 SYMANTEC PCANYWHERE remote code execution vulnerability
On June 20, the Xinjiang trip ended, and then I moved the blog: since Subdomain is about to stop its paid service, and the Subdomain team's center of gravity has also shifted from Subdomain to Bitcron, I will also move my blog from Subdomain to the...