Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

VU#240785: Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs

Overview Atlassian Bitbucket on Windows fails to properly set ACLs, which can allow an unprivileged Windows user to run arbitrary code with SYSTEM privileges. Description The Atlassian Bitbucket Windows installer...
Auteur: US Cert

VU#466044: Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths

Overview Siemens Totally Integrated Administrator (TIA) fails to properly set the module search path to be used by a privileged Node.js component, which can allow an unprivileged Windows user to run arbitrary code...
Auteur: US Cert

VU#794544: Heap-Based Buffer Overflow in Sudo

Overview A heap-based overflow has been discovered in sudo, which may allow a local attacker to execute commands with elevated administrator privileges. Description From the Sudo Main Page: Sudo (su "do") allows a...
Auteur: US Cert

VU#125331: Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs

Overview Adobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description The Adobe ColdFusion installer fails to set a...
Auteur: US Cert

VU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning

Overview Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt memory on a...
Auteur: US Cert

VU#843464: SolarWinds Orion API authentication bypass allows remote comand execution

Overview The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker to execute API commands. Description The SolarWinds Orion Platform is a suite of infrastructure and system...
Auteur: US Cert

VU#429301: Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location

Overview Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create...
Auteur: US Cert

VU#815128: Embedded TCP/IP stacks have memory corruption vulnerabilities

Overview Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are...
Auteur: US Cert

VU#724367: VMware Workspace ONE Access and related components are vulnerable to command injection

Overview VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector are vulnerable to command injection in the administrative configurator. This could allow a remote attacker to...
Auteur: US Cert

VU#231329: Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks

Overview The Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely protect against replay attacks. An attacker with physical access can deceive a trusted component...
Auteur: US Cert

VU#760767: Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location

Overview Macrium Reflect contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create...
Auteur: US Cert

VU#208577: Chocolatey Boxstarter vulnerable to privilege escalation due to weak ACLs

Overview Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description CVE-2020-15264 The Chocolatey Boxstarter...
Auteur: US Cert

VU#114757: Acronis backup software contains multiple privilege escalation vulnerabilities

Overview Acronis True Image, Cyber Backup, and Cyber Protection all contain privilege escalation vulnerabilities, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM...
Auteur: US Cert

VU#490028: Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector

Overview The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a...
Auteur: US Cert

VU#896979: IPTV encoder devices contain multiple vulnerabilities

Overview Multiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as IPTV/H.264/H.265 video encoders. These vulnerabilities allow an unauthenticated remote attacker to...
Auteur: US Cert

VU#589825: Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite

Overview Devices supporting both Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are vulnerable to key overwrite, which enables an attacker to to gain additional access to profiles...
Auteur: US Cert

VU#116713: NCR SelfServ ATM dispenser software contains multiple vulnerabilities

Overview NCR SelfServ automated teller machines (ATMs) running APTRA XFS 05.01.00 or older are vulnerable to physical attacks on the communications bus between the currency dispenser component and the host...
Auteur: US Cert

VU#815655: NCR SelfServ ATM BNA contains multiple vulnerabilities

Overview NCR SelfServ automated teller machines (ATMs) running APTRA XFS 04.02.01 and 05.01.00 are vulnerable to physical attacks on the communications bus between the host computer and the bunch note accepter...
Auteur: US Cert

VU#221785: Diebold Nixdorf ProCash 2100xe USB ATM does not adequately secure communications between CCDM and host

Overview Diebold Nixdorf 2100xe USB automated teller machines (ATMs) are vulnerable to physical attacks on the communication channel between the cash and check deposit module (CCDM) and the host computer. An...
Auteur: US Cert

VU#174059: GRUB2 bootloader is vulnerable to buffer overflow

Overview The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled. Description GRUB2 is a multiboot boot loader...
Auteur: US Cert

VU#290915: F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution

Overview F5 BIG-IP provides a Traffic Management User Interface (TMUI), also referred to as the Configuration utility, that has multiple vulnerabilities including a remotely exploitable command injection...
Auteur: US Cert

VU#576779: Netgear httpd upgrade_check.cgi stack buffer overflow

Overview Multiple Netgear devices contain a stack buffer overflow in the httpd web server's handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root...
Auteur: US Cert

VU#257161: Treck IP stacks contain multiple vulnerabilities

Overview Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. Description Treck IP network stack software is...
Auteur: US Cert

VU#339275: Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations

VU#339275: Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations
Auteur: US Cert

VU#636397: IP-in-IP protocol routes arbitrary traffic by default

VU#636397: IP-in-IP protocol routes arbitrary traffic by default
Auteur: US Cert
12345678910Last

Événements SSI