CVE-2018-12333

Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.

Leave a comment Continue Reading →

CVE-2018-12334

Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack.

Leave a comment Continue Reading →

CVE-2018-10997

Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword.

Leave a comment Continue Reading →

CVE-2018-12329

Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows a local attacker to duplicate an authentication factor via cloning.

Leave a comment Continue Reading →

CVE-2018-11219

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.

Leave a comment Continue Reading →

CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

Leave a comment Continue Reading →

CVE-2018-12326

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an […]

Leave a comment Continue Reading →

Encrypted Office Documents, (Sun, Jun 17th)

Last I had to analyze a malicious, encrypted Excel document, with a twist. It was using the encrypted file format for OOXML files (.docx, .xlsx, …), I knew this because of oledump‘s report: When an OOXML file is encrypted, it is stored inside an OLE file. Stream EncryptedPackage contains the encrypted document. Malware authors will […]

Leave a comment Continue Reading →

CVE-2018-12454

The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block information and a private variable (which can be read with a getStorageAt call). Therefore, it allows attackers to always win and get rewards.

Leave a comment Continue Reading →

CVE-2018-9859

The path of Whale update service was unquoted in NAVER Whale before 1.0.40.7. This vulnerability can be used for persistent privilege escalation if it’s available to create an executable file with System privilege by other vulnerable applications.

Leave a comment Continue Reading →