
Vulnerability Information 1

Which NTP Servers do You Need to Patch? While people generally know where their "real" NTP servers are, all too often they don't know that they've got a raft of "accidental" NTP servers - boxes that have NTP enabled without the system maintainers knowing about it. Common servers on the network like routers or switches (often when these are NTP clients, they are also NTP servers), PBXs and VoIP gateways, mail servers, certificate autho.. Read more
Critical #NTP Vulnerability in ntpd prior to 4.2.8 The Google security team discovered several vulnerabilities in current NTP implementations, one of which can lead to arbitrary code execution [1][2]. NTP servers prior to version 4.2.8 are affected. There are some rumors about active exploitation of at least some of the vulnerabilities Google discovered. Make sure to patch all publicly reachable NTP implementations as fast as possible. Mitigating.. Read more
MS14-068 This is a short post on how to exploit MS14-068 on Linux. This came up on my recent internal infrastructure engagement. The primary DC was a vulnerable Windows 2008 R2 SP1 server. I had physical access to one of the workstations without any credentials (local or domain). So I've booted the workstation into Linux from a USB drive and copied the SAM and SYSTEM files to my machine. It was a fresh SOE in.. Read more
MS14-068 The MS14-068 flaw in Kerberos allows a regular authenticated domain account to elevate permissions to compromise an entire domain. Recently Sylvain Monne' (kudos and awesome work to Sylvain) released PoC code in order to gain access to an administrative share utilizing the Kerberos flaw. A regular user could grab a Kerberos token and then authenticate, for example, to a domain controller's shares. W.. Read more
CVE-2014-9218 phpMyAdmin DoS Proof of Concept Assuming that enough time has passed since the security update was released by phpMyAdmin, we want to share our research. As you already know, we believe in Responsible Disclosure, and that is the reason why we didn't publish this post before. You can read the vulnerability details in the previous blog post. In this one, we show you the way to exploit it. 1 - Create the payload. $ echo -n "pm.. Read more
WordpreXSS Exploitation In today's post I am going to show a real-world example of stealing someone's WordPress credentials using XSS exploitation, and getting shell access to the underlying host. I chose this topic because of the general misconceptions I have seen around the potential effects of cross-site scripting (XSS). In addition, I find the usual pop-up alert(1) window inadequate to demonstrate the potential conseque.. Read more
Analysis of the CVE-2013-6435 Flaw in RPM The RPM Package Manager (RPM) is a powerful command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. RPM was originally written in 1997 by Erik Troan and Marc Ewing. Since then RPM has been successfully used in all versions of Red Hat Linux and currently in Red Hat Enterprise Linux. RPM offers considerable advantages ov.. Read more
CVE-2014-8500: A Defect in Delegation Handling Can Be Exploited to Crash BIND Failure to place limits on delegation chaining can allow an attacker to crash BIND or cause memory exhaustion. CVE: CVE-2014-8500 Document Version: 2.0 Posting date: 08 December 2014 Program Impacted: BIND 9 Versions affected: 9.0.x -> 9.8.x, 9.9.0 -> 9.9.6, 9.10.0 -> 9.10.1 Severity: Critical Exploitable: Remotely Description: By making use of maliciously-constructed zones or a rogue server, an att.. Read more
How bad is the SCHANNEL vulnerability (CVE-2014-6321) patched in MS14-066? We had a number of users suggesting that we should have labeled MS14-066 as "Patch Now" instead of just critical. This particular vulnerability probably has the largest potential impact among all of the vulnerabilities patched this Tuesday, and should be considered the first patch to apply, in particular on servers. Just like OpenSSL implements SSL on many Unix systems, SCHANNEL is the standard S.. Read more
Microsoft Updates MS14-066 Microsoft updated MS14-066 to warn users about some problems caused by the additional ciphers added with the update [1]. It appears that clients which do not support these ciphers may fail to connect at all. The "quick fix" is to remove the ciphers by editing the respective registry entry (see the KB article link below for more details). One user reported to us performance issues when connecting f.. Read more