Tag: Privilege Escalation

Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.

SSD Advisory – Linux Kernel AF_PACKET Use-After-Free

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities summary
The following advisory describes a use-after-free vulnerability found in Linux Kernel’s implementation of AF_PACKET that can lead to privilege escalation.

AF_PACKET sockets “allow users to send or receive packets on the device driver level. This for example lets them to implement their own protocol on top of the physical layer or to sniff packets including Ethernet and higher levels protocol headers”

Credit
The vulnerability was discovered by an independent security researcher which reported this vulnerabilities to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
“It is quite likely that this is already fixed by:
packet: hold bind lock when rebinding to fanout hook – http://patchwork.ozlabs.org/patch/813945/

Also relevant, but not yet merged is
packet: in packet_do_bind, test fanout with bind_lock held – http://patchwork.ozlabs.org/patch/818726/

We verified that this does not trigger on v4.14-rc2, but does trigger when reverting that first mentioned commit (008ba2a13f2d).”

Continue reading SSD Advisory – Linux Kernel AF_PACKET Use-After-Free

SSD Advisory – 360 Total Security Privileged Escalation

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes an Privileged Escalation vulnerability found in 360 Total Security.

360 Total Security offers your PC complete protection from Viruses, Trojans and other emerging threats.

Whether you are shopping online, downloading files or chatting with your friends you can be sure that 360 Total Security is there to keep you safe and your computer optimized. Clean-up utility is just one click away to keep your PC in optimal condition.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
The vendor has released patches to address this vulnerability and has only provided these details in response to our query on the status: “We will release this patch on 7/7”

CVE: CVE-2017-12653

Continue reading SSD Advisory – 360 Total Security Privileged Escalation

SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance version 6.5.

“The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.”

The vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance:

  1. XML External Entity (XXE) that lead to arbitrary file disclosure
  2. Local Privilege Escalation
  3. Remote code execution

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Trend Micro has released patches to address these vulnerabilities and issued the following advisory: https://success.trendmicro.com/solution/1117412

Continue reading SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

SSD Advisory – Serviio Media Server Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes a five (5) vulnerabilities found in Serviio Media Server. Affected version: 1.8.0.0 PRO, 1.7.1, 1.7.0, 1.6.1.

Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on your connected home network.

Serviio works with many devices from your connected home (TV, Playstation 3, XBox 360, smart phones, tablets, etc.). It supports profiles for particular devices so that it can be tuned to maximise the device’s potential and/or minimize lack of media format playback support (via transcoding).

Serviio is based on Java technology and therefore runs on most platforms, including Windows, Mac and Linux (incl. embedded systems, e.g. NAS).

The vulnerabilities found in Serviio Media Server are:

  • Remote Code Execution
  • Local Privilege Escalation
  • Unauthenticated Password Modification
  • Information Disclosure
  • DOM-Based Cross-Site Scripting (XSS)

Credit
An independent security researcher Gjoko Krstic from Zero Science Lab has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
We have tried on numerous occasions over the past two months to contact the vendor, all emails sent to them went unanswered.

Continue reading SSD Advisory – Serviio Media Server Multiple Vulnerabilities