Overview Recently, the TALOS team disclosed a critical remote code execution vulnerability (CVE-2018-4013). This vulnerability exists in the HTTP packet parsing functionality of the LIVE555 RTSP server library. An attacker could exploit this vulnerability to cause a stack-based buffer overflow via a specially crafted packet, resulting in code execution.
Overview On October 16, local time, libssh officially released an update to fix the server-side identity authentication bypass vulnerability (CVE-2018-10933) existing in libssh 0.6 and later versions. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker […]
Overview On October 17, Beijing time, Oracle officially released a Critical Patch Update (CPU), which contains a fix for the critical WebLogic remote code execution vulnerability (CVE-2018-3191). This vulnerability allows unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation of it can result in […]
Overview On October 16, local time (early morning on October 17, Beijing time), Oracle officially released the October (third quarter) Critical Patch Update (CPU), which fixes a July (second quarter) CPU patch. The WebLogic remote code execution vulnerability (CVE-2018-2893) has not been fully fixed. The newly fixed vulnerability is assigned […]
Overview On October 16, 2018, local time, Oracle released its quarterly security advisory of the Critical Patch Update (CPU) for the third quarter. The CPU fixes 301 vulnerabilities of varying severity levels across the product families. For details about affected products and available patches, see the appendix.
1 Vulnerability Overview Recently, the Git project disclosed CVE-2018-17456, a vulnerability in Git that can cause arbitrary code execution when a user clones a malicious repository. An attacker can take control of a target host by exploiting this vulnerability and at the same time using social engineering methods such as […]
1.1 Executive Summary In a recent emergency response activity, NSFOCUS Threat Intelligence center (NTI) discovered a security event that featured NuggetPhantom, a modularized malware toolkit. According to our observation, the organization behind this event made its debut at the end of 2016 in the blue screen of death (BSOD) event […]