Media
Bug!!! #mrrobot #ramimalek #bug #whatisbug #hacktorial #quotes #Security #secure #linux #ubuntu
via Instagram https://ift.tt/2HLbKVw
Bug!!! #mrrobot #ramimalek #bug #whatisbug #hacktorial #quotes #Security #secure #linux #ubuntu
via Instagram https://ift.tt/2HLbKVw
Microsoft found a Huawei Driver that opens systems to attack
What happened is a Huawei driver used an unusual approach. It injected code into a privileged windows process in order to start programs that may have crashed... Something that can be done easier using a windows API call.
Since it's a driver it can do this but it's a very bad practice because it bypasses security checks. But if the driver itself is fully secure it doesn't matter.
But the driver isn't fully secure it and it could be used by a normal program to access secure areas of the system.
(But frankly any driver that isn't fully secure could have an issue like this. But this sort of practice makes it harder to secure...)
So either Huawei is negligent or they did this on purpose to open a security hole to be used by itself or others...
Can't be certain, but if they did this without any malicious intent then they are grossly negligent. There isn't any excuse here.
#Hacktorial #Windows #Huawei #Bug #Vulnerability
β- @hacktorial
Read Full Official Report
What happened is a Huawei driver used an unusual approach. It injected code into a privileged windows process in order to start programs that may have crashed... Something that can be done easier using a windows API call.
Since it's a driver it can do this but it's a very bad practice because it bypasses security checks. But if the driver itself is fully secure it doesn't matter.
But the driver isn't fully secure it and it could be used by a normal program to access secure areas of the system.
(But frankly any driver that isn't fully secure could have an issue like this. But this sort of practice makes it harder to secure...)
So either Huawei is negligent or they did this on purpose to open a security hole to be used by itself or others...
Can't be certain, but if they did this without any malicious intent then they are grossly negligent. There isn't any excuse here.
#Hacktorial #Windows #Huawei #Bug #Vulnerability
β- @hacktorial
Read Full Official Report
Microsoft Security
From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw - Microsoft Security
Our discovery of two privilege escalation vulnerabilities in a driver highlights the strength of Microsoft Defender ATPβs sensors. These sensors expose anomalous behavior and give SecOps personnel the intelligence and tools to investigate threats, as we did.
π°π°π°π° Bug & Glitchπ°π°π°π°
Firefox Disabled All Extension Because Of A Glitch
Many Firefox users around the world are browsing without their usual set of extensions after they suddenly stopped working earlier this evening. The event occurred as the clock rolled over on UTC (Coordinated Universal Time, aka GMT or Greenwich Mean Time), and impacted users quickly narrowed it down to "expiration of intermediate signing cert" -- as it's described on Mozilla's bug tracker.
#FireFox #Mozilla #HackTorial
#Certificate #Glitch #Bug
Read More : https://tcrn.ch/2VQm7hz
π°π°π°π° @HackTorial π°π°π°π°
Firefox Disabled All Extension Because Of A Glitch
Many Firefox users around the world are browsing without their usual set of extensions after they suddenly stopped working earlier this evening. The event occurred as the clock rolled over on UTC (Coordinated Universal Time, aka GMT or Greenwich Mean Time), and impacted users quickly narrowed it down to "expiration of intermediate signing cert" -- as it's described on Mozilla's bug tracker.
#FireFox #Mozilla #HackTorial
#Certificate #Glitch #Bug
Read More : https://tcrn.ch/2VQm7hz
π°π°π°π° @HackTorial π°π°π°π°
ββπ°VLC Media Player Has Critical Security Flaw: Uninstall Now!
π°
If you still use the popular open-source VLC Media Player, you might want to uninstall it (at least for now). German security agency CERT-Bund has discovered a critical security flaw in VLC that could be used by attackers for remote code execution or cause a DDoS.
The worst part is that VideoLAN (the team behind VLC) doesnβt have a complete patch at the moment and until it rolls out one, your PC remains vulnerable.
Vulnerability in VLC Media Player
The vulnerability, described in CVE-2019-13615, reads:
βA remote, anonymous attacker can exploit a vulnerability in VLC to execute arbitrary code, create a denial of service state, disclose information, or manipulate files.β
In short, this security flaw can allow hackers to hijack your PC and go through your files.
A fix on the way
Fortunately, there have been no reports of exploitation of this flaw. WinFuture reports that Windows, Linux, and Unix versions of VLC have been affected by the security hole, but the macOS version remains safe.
Nevertheless, it totals up to a huge number of potentially vulnerable systems out there.
VideoLAN has been informed of the issue and the team is currently working on a patch. However, the patch is nearly 60% complete. We will have to wait longer for a fix.
For now, the only way to protect yourself from this flaw is to uninstall VLC and switch to alternative media players.
#VLC #Bug #Hacktorial #Security #Hack #OpenSource #MediaPlayer
#VideoLAN
π°π°π°π° @HackTorial π°π°π°π°
π°
If you still use the popular open-source VLC Media Player, you might want to uninstall it (at least for now). German security agency CERT-Bund has discovered a critical security flaw in VLC that could be used by attackers for remote code execution or cause a DDoS.
The worst part is that VideoLAN (the team behind VLC) doesnβt have a complete patch at the moment and until it rolls out one, your PC remains vulnerable.
Vulnerability in VLC Media Player
The vulnerability, described in CVE-2019-13615, reads:
βA remote, anonymous attacker can exploit a vulnerability in VLC to execute arbitrary code, create a denial of service state, disclose information, or manipulate files.β
In short, this security flaw can allow hackers to hijack your PC and go through your files.
A fix on the way
Fortunately, there have been no reports of exploitation of this flaw. WinFuture reports that Windows, Linux, and Unix versions of VLC have been affected by the security hole, but the macOS version remains safe.
Nevertheless, it totals up to a huge number of potentially vulnerable systems out there.
VideoLAN has been informed of the issue and the team is currently working on a patch. However, the patch is nearly 60% complete. We will have to wait longer for a fix.
For now, the only way to protect yourself from this flaw is to uninstall VLC and switch to alternative media players.
#VLC #Bug #Hacktorial #Security #Hack #OpenSource #MediaPlayer
#VideoLAN
π°π°π°π° @HackTorial π°π°π°π°
ββ1 Million+ ProFTPD Servers Vulnerable To Remote Code Execution Attacks To A ProFTPD Vulnerability Lets Users Copy Files Without Permission
ProFTPD is an open-source and one of the most popular FTP server software used by more than one million servers all over the world. It comes pre-installed on several Linux and Unix-based distributions, including Debian. A German security researcher has revealed a security flaw that makes ProFTPD servers vulnerable to remote code execution attacks.
Tobias Madel reveals that the vulnerability exists in ProFTPDβs modcopy module which is supplied by default in the installation of the FTP server and is enabled by default in most operating systems.
This bug exists due to an incorrect access control issue in the modcopy module and can be exploited by an authenticated user without any write permission to copy files on the FTP server. This vulnerability can also be exploited if an anonymous user is enabled in the server settings.
SITE CPFR and SITE CPTO commands are the culprits behind this bug. These commands bypass the βLimit WRITEβ DenyAll directives which allow users without write permissions to copy files to a current folder.
All versions of ProFTPD have been affected by the bug labeled as CVE-2019-12815. However, version 1.3.6 is an exception and the bug can only be exploited in 1.3.6 if you install it from sources that have been compiled before 17th July 2019.
To evade this attack, server admins must disable the mod-copy module. ProFTPD has backported a patch to 1.3.6 version and has not released a new version with a fix for the issue yet.
Here Is The Temporary Fix : https://copir.net/how-to-fix-file-copy-vulnerability-in-mod_copy-in-proftpd-cve-2019-12815/
#ProFTPD #FTP #Vulnerability #RemoteCodeExecution #RCE #Fix #Bug #CVE201912815 #Hacktorial
π°π°π°π° @HackTorial π°π°π°π°
ProFTPD is an open-source and one of the most popular FTP server software used by more than one million servers all over the world. It comes pre-installed on several Linux and Unix-based distributions, including Debian. A German security researcher has revealed a security flaw that makes ProFTPD servers vulnerable to remote code execution attacks.
Tobias Madel reveals that the vulnerability exists in ProFTPDβs modcopy module which is supplied by default in the installation of the FTP server and is enabled by default in most operating systems.
This bug exists due to an incorrect access control issue in the modcopy module and can be exploited by an authenticated user without any write permission to copy files on the FTP server. This vulnerability can also be exploited if an anonymous user is enabled in the server settings.
SITE CPFR and SITE CPTO commands are the culprits behind this bug. These commands bypass the βLimit WRITEβ DenyAll directives which allow users without write permissions to copy files to a current folder.
All versions of ProFTPD have been affected by the bug labeled as CVE-2019-12815. However, version 1.3.6 is an exception and the bug can only be exploited in 1.3.6 if you install it from sources that have been compiled before 17th July 2019.
To evade this attack, server admins must disable the mod-copy module. ProFTPD has backported a patch to 1.3.6 version and has not released a new version with a fix for the issue yet.
Here Is The Temporary Fix : https://copir.net/how-to-fix-file-copy-vulnerability-in-mod_copy-in-proftpd-cve-2019-12815/
#ProFTPD #FTP #Vulnerability #RemoteCodeExecution #RCE #Fix #Bug #CVE201912815 #Hacktorial
π°π°π°π° @HackTorial π°π°π°π°