Guess what? You should patch Exim again!

Hot on the heels of a patch for a critical RCE Exim flaw comes another one that fixes a denial of service (DoS) condition (CVE-2019-16928) that could also be exploited by attackers to pull off remote code execution. With no mitigations available at thi…

Critical Exim flaw opens servers to remote code execution, patch now!

The Exim mail transfer agent (MTA) is impacted by a critical vulnerability that may allow local or unauthenticated remote attackers to execute programs with root privileges on the underlying system. About Exim Exim is the most widely used MTA today and…

Released: PoC for RCE flaw in Palo Alto Networks firewalls, gateways

Palo Alto Networks has silently patched a critical remote code execution vulnerability in its enterprise GlobalProtect SSL VPN, which runs on Palo Alto Networks’ firewall devices. Administrators who have still not upgraded to the fixed PAN-OS ver…

July 16, 2019 – Hack Naked News #227

Zoom RCE flaw affecting RingCentral and Zhumu, a researcher releases PoC code for critical Atlassian Crowd RCE flaw, thousands of legacy Lenovo storage devices exposed millions of files, unusual Linux ransomware targets NAS servers, and how hacked …

Researcher releases PoC code for critical Atlassian Crowd RCE flaw

A researcher has released proof-of-concept code for a critical code execution vulnerability (CVE-2019-11580) in Atlassian Crowd, a centralized identity management solution providing single sign-on and user identity. Atlassian plugged the hole in late M…

SharePoint servers under attack through CVE-2019-0604

CVE-2019-0604, a critical vulnerability opening unpatched Microsoft SharePoint servers to attack, is being exploited by attackers to install a web shell. The web shell allows them to achieve continuous access to the system and, potentially, to the inte…

Flaw in pre-installed software opens Dell computers to remote hijack

Dell computer owners should update the Dell SupportAssist software as soon as possible to close a high-risk remote code execution vulnerability. What is Dell SupportAssist? SupportAssist is software that comes pre-installed on most Dell laptops and com…