WPA2 Key Reinstallation Attacks (KRACKs) Date first published: 23/1/2018 1.0 Introduction TT-CSIRT wishes to advise that weaknesses have been discovered in the Wi-Fi Protected Access 2 (WPA2) protocol used to secure wireless networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Attackers can use these exploits […]
Apple has released security updates stating that the following vulnerabilities have been discovered in Safari, watchOS, iOS, High Sierra, Sierra, El Capitan, and tvOS: a) A certificate evaluation issue existed in the handling of name constraints – (CVE-2018-4086) b) An application may be able to execute arbitrary code with kernel privileges – (CVE-2018-4097) c) A […]
Lenovo has released a security update for its Enterprise Network Operating System (ENOS) stating that an authentication bypass mechanism known as “HP Backdoor” was discovered during a Lenovo security audit in the Telnet and Serial Console management interfaces as well as the SSH and Web management interfaces under certain limited and unlikely conditions. This bypass […]
Oracle has released a January 2018 Critical Patch Update to fix certain products vulnerable to Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities. Some of the products affected include: a) Application Express, versions prior to 5.1.4.00.08 b) Java Advanced Management Console, version 2.8 c) MySQL Enterprise Monitor, versions 3.3.6.3293 and prior, 3.4.4.4226 and prior, […]
Security updates have been released stating that CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. These vulnerabilities affect many modern processors and operating systems including Intel, AMD, and ARM which can be used to read the content of memory across a trusted boundary and can therefore lead to information […]
VMware has released a security update stating that vSphere Data Protection (VDP) contains the following vulnerabilities: a) VDP authentication bypass – a remote unauthenticated malicious user can potentially bypass application authentication and gain unauthorized root access to the affected systems. b) VDP arbitrary file upload – A remote authenticated malicious user with low privileges could […]
Google has released a security update warning customers that some of the files provided by third-party vendors through its advertising platform can introduce cross-site scripting (XSS) vulnerabilities. Some of these vendors include: a) adform/IFrameManager.html b) admotion/afa-iframe.htm c) bonzai/bonzaiBuster.html d) exponential/buster.html e) eyeblaster/addineyeV2.html f) eyewonder/interim.html g) flashtalking/ftlocal.html h) ipinyou/py_buster.html i) jivox/jivoxibuster.html j) mediaplex/mojofb_v9.html k) mixpo/framebust.html l) […]
Mozilla has released a security updates to address multiple vulnerabilities in Thunderbird 52.5.2: a) CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9 b) CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin c) CVE-2017-7847: Local path string can be leaked from RSS feed d) CVE-2017-7848: RSS Feed vulnerable to […]
Apple has reported that a vulnerability exists in iCloud For Windows 7.2 where an attacker in a privileged network position can track a user. This is due to a privacy issue which existed in the use of client certificates. Further information on this vulnerability and how it can be fixed can be found on the […]
CERT Coordination Center (CERT/CC) has released information on a Transport Layer Security (TLS) vulnerability. Exploitation of this vulnerability could allow an attacker to access sensitive information. The TLS vulnerability is also known as Return of Bleichenbacher’s Oracle Threat (ROBOT). ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain […]
