A security researcher testing a Juniper NetScreen Firewall + VPN found multiple stored cross-site scripting vulnerabilities that could be used to elevate privileges through the NetScreen WebUI. A user with the ‘security’ role can inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute …
The Samba Team has reported a critical vulnerability in all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos. A Man-In-The-Middle Attacker may impersonate a trusted server and thus gain elevated access to the domain by returning malicious replication or authorization data. A patch addressing this defect has been posted to https://www.samba.org/samba/security/ while Samba …
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of a system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates: a) Elastic Services Controller Unauthorized Access Vulnerability – cisco-sa-20170705-esc2 b) Ultra Services Framework …
Joomla has released version 3.7.3 of its Content Management System software to address several vulnerabilities: a) Core – Information Disclosure affecting Joomla 1.7.3-3.7.2 b) Core – XSS Vulnerability affecting Joomla 1.7.3-3.7.2 c) Core – XSS Vulnerability affecting Joomla 1.5.0-3.6.5 Further information on these vulnerability updates and fixes can be found on the Joomla Website at …
Date First published: 27/6/2017 1.0 Introduction Discovered: June 27, 2017 Updated: June 27, 2017 12:30pm Type: Ransomware Infection Length: Varies Systems Affected: Client Computers, Servers, Websites This is an alert from TTCSIRT that there are early signs of a new ransomware outbreak currently affecting a large number of countries across the globe such as the …