
7620 matches found

myhack58
added 2016/02/29 12:0 a.m., 14 views

Vigilant in the use of Microsoft Office EPS vulnerability - vulnerability warning - the black bar safety net

Introduction: Recently, the APT early warning platform captured an attack sample; after analysis, the sample may make use of CVE-2015-2545 for the attack and has a higher attack level. Analysis: The sample is an Encapsulated PostScript (EPS) filter module (32bit module for EPSIMP32.FLT) in ...

0.4 AI score
Exploits: 0
myhack58
added 2016/02/28 12:0 a.m., 736 views

Java RMI services remote command execution exploit - vulnerability warning - the black bar safety net

The Java RMI service is Remote Method Invocation. It is a mechanism that lets an object in one Java virtual machine call an object in another Java virtual machine. In Java Web, many places use RMI to communicate with and call each other. For example, many large...

0.6 AI score
Exploits: 0
myhack58
added 2016/02/24 12:0 a.m., 11 views

CVE-2016-0034 vulnerability information and exploit tools - vulnerability warning - the black bar safety net

CVE-2016-0034 (MS16-006) is a memory corruption vulnerability in Silverlight. After Kaspersky security researchers discovered this vulnerability, Microsoft in January 2016 posted a corresponding...

0.3 AI score
Exploits: 0
myhack58
added 2016/02/22 12:0 a.m., 44 views

File upload vulnerability example analysis - vulnerability warning - the black bar safety net

Principles: File upload is a function that often appears in Web applications; it allows users to upload files to the server, where they are saved to a specific location. This is a very security-sensitive issue: once a malicious program is uploaded to the server and gets execute permission, the...

8 AI score
Exploits: 0
myhack58
added 2016/02/22 12:0 a.m., 17 views

magento < 1.9 xss vulnerability fix description - vulnerability warning - the black bar safety net

Magento XSS: the vulnerability description is not repeated here; it can be found everywhere via Baidu. Here is a simple record of the handling process; it is fairly rough, and whether it is effective has not yet been verified. Edit the file app/design/adminhtml/default/default/template/sales/order/view/info.phtml and search for getCustomerEmail. There are t...

7.2 AI score
Exploits: 0
myhack58
added 2016/02/21 12:0 a.m., 18 views

Why shellcode analysis is difficult - vulnerability warning - the black bar safety net

Shellcode is one of the core topics in the security field. We discuss the common difficulties of shellcode analysis. Shellcode is full of imagination: the exploit itself is very imaginative, and the way it is used is also very imaginative. Get additional resources: Many of the shellcode is...

7.4 AI score
Exploits: 0
myhack58
added 2016/02/21 12:0 a.m., 12 views

Siteserver SQL injection vulnerability - vulnerability warning - the black bar safety net

There is an injection vulnerability in the space module. SQL injection vulnerability file: code area /livefiles/pages/inner/userlist.aspx?ModuleType=Friends&RelatedUserType=Friends&UserModuleClientID=ctl00ctl00TemplateHolderContentHolderctl06&userName=1%27and%20@@version%3E0-- Case: code are...

1.1 AI score
Exploits: 0
myhack58
added 2016/02/20 12:0 a.m., 26 views

Using Use-After-Free (UAF) vulnerabilities in the Linux kernel for privilege escalation - vulnerability warning - the black bar safety net

Last month CVE-2016-0728 (a local privilege escalation vulnerability) was disclosed, so everyone's attention is once again focused on Linux kernel security. CVE-2015-3636, CVE-2015-7312, CVE-2014-2851 and CVE-2016-0728 are all Use-After-Free (UAF) type vulnerabilities. We...

0.2 AI score, 0.56179 EPSS
Exploits: 14
myhack58
added 2016/02/19 12:0 a.m., 43 views

glibc CVE-2015-7547 vulnerability fixes - bug warning - the black bar safety net

Google's security research team disclosed a glibc getaddrinfo overflow vulnerability; popular Linux enterprise and server systems are almost all affected. As long as the glibc version is greater than 2.9, the overflow vulnerability is present. An attacker may by the vulnerability directly ...

1.4 AI score
Exploits: 0
myhack58
added 2016/02/18 12:0 a.m., 89 views

Major security vulnerability appears again in the underlying Linux function library "glibc"; multiple releases affected - vulnerability warning - the black bar safety net

Google's security research team recently disclosed a glibc getaddrinfo overflow vulnerability. Details of the discovery process can be found in the Google blog. A digression: Google engineers are genuine. Vulnerability description: The cause of the vulnerability is that the DNS Server Response t...

6.8 CVSS, 1.3 AI score, 0.93905 EPSS
Exploits: 17
myhack58
added 2016/02/17 12:0 a.m., 130 views

WebDAV local privilege escalation vulnerability, CVE-2016-0051: POC & EXP - vulnerability warning - the black bar safety net

Vulnerability information: The vulnerability exists in Microsoft Web Distributed Authoring and Versioning (WebDAV); if the Microsoft Web Distributed Authoring and Versioning (WebDAV) client does not validate input properly, an elevation of privilege vulnerability exists. Successful...

7.2 CVSS, 1.9 AI score, 0.66115 EPSS
Exploits: 12
myhack58
added 2016/02/12 12:0 a.m., 32 views

New PHP vulnerability discovery: security vulnerability caused by debug, Edusoho - a vulnerability warning - the black bar safety net

Modern CMS frameworks (laravel/symfony/slim) have led to some changes in where today's PHP vulnerabilities appear, their principles, and how they are used; this series hopes to summarize the discovery of such CMS vulnerabilities. Today's vulnerability is an Edusoho user table dump vulnerability...

7.2 AI score
Exploits: 0
myhack58
added 2016/02/06 12:0 a.m., 25 views

NETGEAR ProSAFE NMS300 security exploit guide - vulnerability warning - the black bar safety net

A security researcher has released code for two exploitable serious security vulnerabilities in the Netgear ProSAFE NMS300 network management system. Are you using the Netgear ProSAFE NMS300 management system? If the answer is yes, then you probably want to worry, because...

8.1 AI score
Exploits: 0
myhack58
added 2016/02/04 12:0 a.m., 12 views

OpenSSL CVE-2016-0701 Private Key Recovery attack vulnerability analysis - vulnerability warning - the black bar safety net

by: au2o3t @360 Cloud Security Team. 0x01 Foreword: On 2016-1-28, OpenSSL officially published a vulnerability numbered CVE-2016-0701. The vulnerability occurs in OpenSSL 1.0.2 versions (OpenSSL 1.0.2f and later versions are not affected); when using the DH algorithm to a different client...

Exploits: 0
myhack58
added 2016/02/03 12:0 a.m., 20 views

OpenSSL high-risk vulnerabilities allow attackers to decrypt HTTPS traffic - bug warning - the black bar safety net

The OpenSSL maintainers fixed a high-risk vulnerability that allows an attacker to obtain the key for decrypting HTTPS and other encrypted traffic. Although the potential impact of the vulnerability is serious, multiple conditions must be met for it to be exploited: the vulnerability exists only in OpenSSL 1.0.2; rely o...

0.8 AI score
Exploits: 0
myhack58
added 2016/02/03 12:0 a.m., 11 views

Foxit PhantomPDF WillClose use-after-free remote code execution vulnerability - vulnerability warning - the black bar safety net

Affected systems: Foxit Foxit Reader. Description: Foxit Reader is a small PDF document viewer and print program. Foxit Reader has a security vulnerability in its handling of the WillClose operation. A crafted PDF that executes the WillClose operation will force the suspension of the...

1.3 AI score
Exploits: 0
myhack58
added 2016/02/03 12:0 a.m., 14 views

2015 Microsoft Windows vulnerability report - vulnerability warning - the black bar safety net

This article mainly analyzes the new security mechanisms or security features in the corresponding products of Microsoft, Google, and other companies in 2015. In fact, in the previous year's report, namely the 2014 report "Windows exploitation in 2014", we also mentioned a current network attack t...

0.2 AI score
Exploits: 0
myhack58
added 2016/02/03 12:0 a.m., 15 views

Foxit Reader ConvertToPDF heap buffer overflow remote code execution vulnerability - vulnerability warning - the black bar safety net

Affected systems: Foxit Foxit Reader. Description: Foxit Reader is a small PDF document viewer and print program. A security vulnerability exists in Foxit Reader ConvertToPDFx86.dll. A crafted BMP image will result in a heap buffer overflow. An attacker could exploit this...

1.8 AI score
Exploits: 0
myhack58
added 2016/02/01 12:0 a.m., 13 views

Following in Google's footsteps, Samsung fixes high-risk Galaxy vulnerabilities - vulnerability warning - the black bar safety net

This month Samsung released its latest round of bug fixes, containing patches for arbitrary code execution, memory error, and factory reset and reactivation lock (FRP/RL) vulnerabilities. Google officially fixes Galaxy vulnerabilities: With this update, the official total fix for Galaxy devices...

0.3 AI score
Exploits: 0
myhack58
added 2016/02/01 12:0 a.m., 16 views

OpenSSL high-risk vulnerabilities allow hackers to decrypt HTTPS traffic (CVE-2016-0701) - a vulnerability warning - the black bar safety net

The maintainers of the OpenSSL encryption code library announced a fix for a high-risk vulnerability. The vulnerability could allow a hacker to obtain the key for decrypting communication encrypted over HTTPS and other secure transport layers. OpenSSL vulnerability details: When various conditions are...

7.3 AI score
Exploits: 0
myhack58
added 2016/02/01 12:0 a.m., 20 views

Thousands of App Store games and apps with a security vulnerability are susceptible to hacker attacks - vulnerability warning - the black bar safety net

A leading network security company released a research report: more than 1000 apps in Apple's App Store have a security vulnerability and are susceptible to hacker attacks. A product called JSPatch, used to help developers modify application software, has a security vulnerability, which makes i...

0.1 AI score
Exploits: 0
myhack58
added 2016/01/31 12:0 a.m., 26 views

Dell VPN client Netextender 0day analysis - vulnerability warning - the black bar safety net

The VPN client is a tool most IT security professionals use; it can be used to connect to a "restricted" local area network, access the Internet anonymously, ensure network traffic security, etc. But just imagine: what if the VPN client can lead to elevation of privileges on the machine? Note: currentl...

7.9 AI score
Exploits: 0
myhack58
added 2016/01/30 12:0 a.m., 12 views

Attack and defense of permission abuse vulnerabilities in the IoT era - bug warning - the black bar safety net

Permission abuse vulnerabilities occur in many scenarios other than Android real-device debugging. They are particularly widespread in Internet of Things applications. For example: a smart TV may allow remote debugging over the network,...

7.5 AI score
Exploits: 0
myhack58
added 2016/01/29 12:0 a.m., 15 views

Ruby on Rails dynamic rendering remote code execution vulnerability (CVE-2016-0752) - vulnerability warning - the black bar safety net

If your application uses dynamic render paths, such as render params:id, a local file inclusion could lead to remote code execution. You can update to the latest version of Rails, or refactor your controllers to fix the vulnerability. The...

7.7 AI score
Exploits: 0
myhack58
added 2016/01/29 12:0 a.m., 76 views

Ruby on Rails remote code execution vulnerability analysis (CVE-2016-0752) - vulnerability warning - the black bar safety net

If your application uses a dynamic rendering path, such as render params:id, then unfortunately the application currently has a local file inclusion that leads to remote code execution; please quickly update your Rails to the latest version, or for your...

4.3 CVSS, 0.5271 EPSS
Exploits: 2
myhack58
added 2016/01/27 12:0 a.m., 215 views

Using a Linux kernel information leak to bypass the kASLR protection mechanism - vulnerability warning - the black bar safety net

Preliminary description: Since it has been fixed in the Linux kernel, there is nothing to be concerned about with this vulnerability. http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2f73922d119686323f14fbbe46587f863852328 As far as the researchers know, the mainstream...

7.1 AI score
Exploits: 0
myhack58
added 2016/01/27 12:0 a.m., 24 views

PayPal remote command execution vulnerability analysis - vulnerability warning - the black bar safety net

In December 2015, the author found in a PayPal sub-site a Java deserialization vulnerability that allowed remote execution of arbitrary shell commands and could impact the PayPal products database. I submitted the bug to PayPal, and it was quickly repaired. Vulnerability details ...

0.6 AI score
Exploits: 0
myhack58
added 2016/01/27 12:0 a.m., 51 views

Lenovo ShareIT (eggplant fast pass) exposed as having many vulnerabilities - vulnerability warning - the black bar safety net

The Lenovo ShareIT (eggplant fast pass) service has been shown to have hard-coded password, information leakage, unencrypted sensitive information, and unauthorized access vulnerabilities; the bugs were submitted by security researcher Ivan Huertas of the Core Security Consulting team; this report from the same team of...

0.2 AI score
Exploits: 0
myhack58
added 2016/01/27 12:0 a.m., 15 views

XSS vulnerability in Magento; online stores may be controlled by attackers - the vulnerability warning - the black bar safety net

Magento is an open source e-commerce system, a major business-oriented application that handles e-commerce needs, including shopping, shipping, product reviews, etc., and ultimately helps in building multipurpose, widely applicable e-commerce websites. Magent...

6.9 AI score
Exploits: 0
myhack58
added 2016/01/27 12:0 a.m., 26 views

FreeBSD remote DoS attacks exploit analysis CVE-2016-1879 - a vulnerability warning - the black bar safety net

The FreeBSD team announced that their operating system has a serious vulnerability; hackers can exploit this vulnerability for DoS (denial of service) attacks, privilege escalation, or theft of sensitive system information. SCTP ICMPv6 error handling vulnerability (CVE-2016-1879): SCTP stream contro...

7.3 AI score
Exploits: 0
myhack58
added 2016/01/26 12:0 a.m., 22 views

Technical analysis: Apple syslogd privilege escalation vulnerability affecting numerous iOS and OS X versions (CVE-2016-1722) - a vulnerability warning - the black bar safety net

In the latest iOS 9.2.1 update, Apple fixed a code execution vulnerability discovered in syslogd by Zimperium zLabs researchers Nikias Bassen and Joshua J. Drake. In this article, we will share how to determine the vulnerability and the vulnerability behind can allow an attacker...

0.1 AI score
Exploits: 0
myhack58
added 2016/01/26 12:0 a.m., 28 views

PayPal remote code execution vulnerability - vulnerability warning - the black bar safety net

In December 2015, I found a serious vulnerability in the PayPal business site manager.paypal.com; this vulnerability let me, through unsafe Java object deserialization, on the PayPal website, the server on the remote using the she...

Exploits: 0
myhack58
added 2016/01/26 12:0 a.m., 32 views

Google Finance found to have a Reflected File Download (RFD) vulnerability - vulnerability warning - the black bar safety net

Portuguese network security expert David Sopas found a Reflected File Download (RFD) vulnerability affecting Google Finance. I discovered this vulnerability while auditing other clients; with RFD, you need to set up a page to force the download. This Google JSON file of the...

0.4 AI score
Exploits: 0
myhack58
added 2016/01/24 12:0 a.m., 274 views

Adobe Reader and Acrobat Pro elevation of privilege vulnerability analysis (CVE-2015-5090) - vulnerability warning - the black bar safety net

0x01 Introduction: CVE-2015-5090 is a bug in Adobe Reader/Acrobat Pro that was found and submitted to ZDI a few months ago. This article mainly covers the details of this bug and shares several different attack methods. AdobeARMService Adobe updates, in Adobe...

7.8 AI score
Exploits: 0
myhack58
added 2016/01/24 12:0 a.m., 15 views

Kernel-space URL filtering vulnerability affects Samsung Note 3 and Galaxy S6 (CVE-2016-2036) - vulnerability warning - the black bar safety net

A bug in Samsung Note 3 and Galaxy S6 phones: what problems can arise with a URL filter in kernel space? Authors: Roberto Paleari @rpaleari and Aristide Fattori @joystick. ID: CVE-2016-2036. Notification date: 20/10/2015. Release date: 20/01/2016. In the study of the Samsung Android kernel, we...

7 AI score
Exploits: 0
myhack58
added 2016/01/22 12:0 a.m., 25 views

Microsoft Office Excel remote code execution vulnerability, CVE-2016-0035 analysis - vulnerability warning - the black bar safety net

Recently I found that all versions of Excel have a Use-After-Free vulnerability when processing specially crafted Excel files. Successful exploitation of the vulnerability can allow remote code execution. However, Microsoft refuses to patch the vulnerability, saying that...

1.2 AI score
Exploits: 0
myhack58
added 2016/01/22 12:0 a.m., 26 views

Apple fixes a serious iOS vulnerability that lets hackers steal cookies from the device (CVE-2016-1730) - a vulnerability warning - the black bar safety net

Recently, Apple fixed a serious iOS vulnerability. This vulnerability allows hackers to masquerade as the end user and gain read and write access to the web's unencrypted cookies. With Tuesday's release of iOS 9.2.1 the vulnerability is fixed; from it first being reported to Apple has last...

6.3 AI score
Exploits: 0
myhack58
added 2016/01/22 12:0 a.m., 15 views

iOS & OS X platform vulnerability analysis report: CVE-2016-1722 - vulnerability warning - the black bar safety net

A description of the CVE-2016-1722 vulnerability discovery and validation process. Last week, Apple released the iOS 9.2.1 update, Apple's first security update for iOS devices in 2016. In this update, Apple fixes syslogd (the logging process) i...

Exploits: 0
myhack58
added 2016/01/22 12:0 a.m., 17 views

In-depth analysis of Microsoft Office RTF file stack overflow vulnerability, CVE-2016-0010 - a vulnerability warning - the black bar safety net

0x01 Summary: In this month's Microsoft Patch Tuesday, Microsoft fixed 3 Office vulnerabilities (MS16-004). This vulnerability is a heap overflow caused by MS Office not correctly parsing RTF documents; successful exploitation of this vulnerability may enable an attacker to...

Exploits: 0
myhack58
added 2016/01/21 12:0 a.m., 16 views

Linux kernel privilege escalation vulnerability analysis and exploitation (CVE-2016-0728) - a vulnerability warning - the black bar safety net

Security research team Perception Point found a high-risk local privilege escalation 0day vulnerability in the Linux kernel, numbered CVE-2016-0728. Currently more than 66% of Android phones and 1000 million Linux PCs and servers are affected ...

8.2 AI score
Exploits: 0
myhack58
added 2016/01/21 12:0 a.m., 14 views

Yahoo fixes mailbox vulnerability; the researchers receive a million dollar bonus - vulnerability warning - the black bar safety net

Yahoo has recently fixed a vulnerability that attackers could use to hijack users' mailboxes. The vulnerability is fairly serious: According to the latest news, Yahoo has fixed the XSS vulnerability; earlier, a malicious attacker could exploit the vulnerability to send malicious mail, then you ca...

6.3 AI score
Exploits: 0
myhack58
added 2016/01/17 12:0 a.m., 25 views

GlassFish arbitrary file read vulnerability tracking report - bug warning - the black bar safety net

GlassFish is a service component for building Java EE applications. In October 2015, a general-purpose arbitrary file read vulnerability was disclosed. Using this vulnerability, an attacker can read arbitrary files on the server. After being informed of the vulnerability, the cloud shield security team...

0.2 AI score
Exploits: 0
myhack58
added 2016/01/17 12:0 a.m., 13 views

Does this world really have a method for free stolen traffic? - Vulnerability warning - the black bar safety net

Yesterday, a major vulnerability from the white hat hacker "little very white guest" was published on the black bar safety net vulnerability platform. A hacker can, through a simple method, make unlimited use of the operator's traffic; more frenzied still, whether it is Mobile, Unicom or Telecom, the methods...

7.1 AI score
Exploits: 0
myhack58
added 2016/01/17 12:0 a.m., 19 views

OpenSSH CVE-2016-0777 private key theft technical analysis - vulnerability warning - the black bar safety net

Remembered used to write a lot of advertising procedures, estimation also not many people see. Then see "days eye APT the Team" and "360 security suit team" of people for black output only wrote the phrase "people do, day in see", a bit of sentiment. Quickly put the sb type of ad deleted, cannot be...

7.4 AI score
Exploits: 0
myhack58
added 2016/01/17 12:0 a.m., 73 views

Adobe Reader and Acrobat memory corruption vulnerability (CVE-2016-0946) - vulnerability warning - the black bar safety net

Affected system: Adobe Acrobat XI <= 11.0.13, Adobe Acrobat Reader DC = 15.009.20077, Adobe Acrobat DC <= 15.009.20077. Description: CVE (CAN) ID: CVE-2016-0946. Adobe Reader is a PDF document reading software. Acrobat is a PDF editing software. Some versions of Adobe Reader and Acrobat have a memory...

2 AI score
Exploits: 0
myhack58
added 2016/01/17 12:0 a.m., 11 views

Mac GateKeeper vulnerability patch is invalid, it can still be bypassed to attack - vulnerability warning - the black bar safety net

Recently, security expert Patrick Wardle said that the patch Apple released earlier to fix the Mac OS X GateKeeper vulnerability is ineffective and cannot protect the security of users' Mac computers. In September 2015, it was Patrick Wardle who first discovered the vulnerability...

0.3 AI score
Exploits: 0
myhack58
added 2016/01/17 12:0 a.m., 10 views

Kaspersky Lab finds Silverlight zero-day - vulnerability warning - the black bar safety net

Recently, Kaspersky Lab found a dangerous zero-day vulnerability in the Silverlight application, posing a security risk to millions of users. On Wednesday, in a blog post, the network security company Kaspersky said the vulnerability would allow an attacker to gain access to the...

8.5 AI score
Exploits: 0
myhack58
added 2016/01/16 12:0 a.m., 9 views

Java deserialization vulnerability technical analysis - vulnerability warning - the black bar safety net

1 Java deserialization vulnerability background: Simply put, serialization is the process of converting object state into a format (byte stream) that can be stored or transmitted. The opposite of serialization is deserialization, which converts a stream (byte stream) into an object. These two...

1.5 AI score
Exploits: 0
myhack58
added 2016/01/16 12:0 a.m., 30 views

Trend Micro Password Manager program arbitrary command execution vulnerability verification - vulnerability and early warning - the black bar safety net

The Windows version of the Trend Micro antivirus suite contains a password management program, which the official website also offers as a separate download link, and is a free service. The default installation of the latest Trend Micro: Figure 1. Can in Data Security find...

0.5 AI score
Exploits: 0
myhack58
added 2016/01/16 12:0 a.m., 36 views

263 enterprise mailbox and personal mailbox both allow login as any user - bug warning - the black bar safety net

Vulnerability details. Disclosure status: 2016-01-14: details have been notified to the vendor, awaiting vendor processing; 2016-01-14: vendor has confirmed, details disclosed only to the vendor; 2016-01-14: vendor has fixed the vulnerability and proactively disclosed details to...

6.9 AI score
Exploits: 0
Total number of security vulnerabilities: 7620