TTCSIRT-289.022620: TT-CSIRT ADVISORY- MICROSOFT EXCHANGE SERVER VULNERABILITY
Microsoft Exchange Server Exchange Control Panel Fixed Cryptographic Key Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server.…
Read MoreTTCSIRT-288.022620: TT-CSIRT ADVISORY- MICROSOFT INTERNET EXPLORER SCRIPTING ENGINE MEMORY CORRUPTION VULNERABILITY.
The Microsoft Internet Explorer Scripting Engine contains a memory corruption vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code. Description Microsoft Internet Explorer contains a scripting…
Read MoreTTCSIRT-287.022620: TT-CSIRT ADVISORY- MULTIPLE ZYXEL DEVICE VULNERABILITIES.
Multiple ZyXEL devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. Description CWE-78: Improper Neutralization of…
Read MoreTTCSIRT-286.022620: TT-CSIRT ADVISORY- APACHE TOMCAT VULNERABILITIES
There are three vulnerabilities with Apache Tomcat with varying levels of severity. Kindly see below for a summary of each vulnerability: Operating System : Windows, UNIX variants (UNIX, Linux, OSX)…
Read MoreTTCSIRT-285.022620: TT-CSIRT ADVISORY- OPENSMTPD 6.6.4P1 RELEASE ADDRESSES CRITICAL VULNERABILITY
Qualys has found another critical vulnerability in OpenSMTPD. It is very important that you upgrade your setups AS SOON AS POSSIBLE. On OpenBSD: Binary patches are available through syspatch. Just…
Read MoreTTCSIRT-284.022620: TT-CSIRT ADVISORY-GOOGLE RELEASES SECURITY UPDATES FOR CHROME
Google has released Chrome version 80.0.3987.122 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. TT-CSIRT encourages users…
Read More