TTCSIRT-080.012218: TT-CSIRT Advisory – Lenovo Security Updates

TTCSIRT-080.012218: TT-CSIRT Advisory – Lenovo Security Updates

Lenovo has released a security update for its Enterprise Network Operating System (ENOS) stating that an authentication bypass mechanism known as “HP Backdoor” was discovered during a Lenovo security audit in the Telnet and Serial Console management interfaces as well as the SSH and Web management interfaces under certain limited and unlikely conditions. This bypass […]

TTCSIRT-079.012218: TT-CSIRT Advisory – Oracle Security Updates

Oracle has released a January 2018 Critical Patch Update to fix certain products vulnerable to Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities. Some of the products affected include: a) Application Express, versions prior to 5.1.4.00.08 b) Java Advanced Management Console, version 2.8 c) MySQL Enterprise Monitor, versions 3.3.6.3293 and prior, 3.4.4.4226 and prior, […]

TTCSIRT-078.010418: TT-CSIRT Advisory – SideChannel Vulnerabilities

Security updates have been released stating that CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. These vulnerabilities affect many modern processors and operating systems including Intel, AMD, and ARM which can be used to read the content of memory across a trusted boundary and can therefore lead to information […]

TTCSIRT-077.010418: TT-CSIRT Advisory – VMware Security Updates

VMware has released a security update stating that vSphere Data Protection (VDP) contains the following vulnerabilities: a) VDP authentication bypass – a remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems. b) VDP arbitrary file upload – A remote authenticated malicious user with low privileges could […]

TTCSIRT-076.122717: TT-CSIRT Advisory – Google Security Updates

Google has released a security update warning customers that some of the files provided by third-party vendors through its advertising platform can introduce cross-site scripting (XSS) vulnerabilities. Some of these vendors include: a) adform/IFrameManager.html b) admotion/afa-iframe.htm c) bonzai/bonzaiBuster.html d) exponential/buster.html e) eyeblaster/addineyeV2.html f) eyewonder/interim.html g) flashtalking/ftlocal.html h) ipinyou/py_buster.html i) jivox/jivoxibuster.html j) mediaplex/mojofb_v9.html k) mixpo/framebust.html l) […]

TTCSIRT-075.122717: TT-CSIRT Advisory – Mozilla Security Updates

Mozilla has released a security updates to address multiple vulnerabilities in Thunderbird 52.5.2: a) CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9 b) CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin c) CVE-2017-7847: Local path string can be leaked from RSS feed d) CVE-2017-7848: RSS Feed vulnerable to […]

TTCSIRT-073.121417: TT-CSIRT Advisory – TLS Security Updates

CERT Coordination Center (CERT/CC) has released information on a Transport Layer Security (TLS) vulnerability. Exploitation of this vulnerability could allow an attacker to access sensitive information. The TLS vulnerability is also known as Return of Bleichenbacher’s Oracle Threat (ROBOT). ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain […]

TTCSIRT-072.120817: TT-CSIRT Advisory – Microsoft Security Updates

Microsoft has reported that A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker […]

TTCSIRT-071.120817: TT-CSIRT Advisory – Chrome Security Updates

Google has reported several vulnerabilities with regards to Google Chrome which includes: a) Out of bounds write in QUIC – (CVE-2017-15407) b) Heap buffer overflow in PDFium – (CVE-2017-15408) c) Out of bounds write in Skia – (CVE-2017-15409) d) Use after free in PDFium – (CVE-2017-15410, CVE-2017-15411) e) Use after free in libXML – (CVE-2017-15412) […]