SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance version 6.5.

“The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.”

The vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance:

  1. XML External Entity (XXE) that lead to arbitrary file disclosure
  2. Local Privilege Escalation
  3. Remote code execution

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Trend Micro has released patches to address these vulnerabilities and issued the following advisory: https://success.trendmicro.com/solution/1117412

Continue reading SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary

KEMP’s main product, the LoadMaster, is a load balancer built on its own proprietary software platform called LMOS, that enables it to run on almost any platform: As a KEMP LoadMaster appliance, a Virtual LoadMaster (VLM) deployed on Hyper-V, VMWare, on bare metal or in the public cloud. KEMP is available in Azure, where it is in the top 15 deployed applications as well as in AWS and VMWare vCloud Air.

A cross site scripting web vulnerability has been discovered in KEMP LoadMaster v7.135.0.13245 (latest). A non authenticated user is able to inject his own malicious Javascript code into the system and use it to create a new web administrator user.

Vendor response
We were unable to get an update beyond this statement from the vendor:
Expect a fix in our new version available Jan 2017.

Continue reading SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE

SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerabilities Summary
The following advisory describes two (2) vulnerabilities found in Linksys EA, XAC and AC series devices.

The vulnerabilities has been found in the way the Linksys devices (EA, XAC and AC series) handle the Point-to-point protocol over Ethernet (PPPoE) Discovery (PPPoED) process allowing an unprivileged active attacker on the same network segment (layer2) to inject arbitrary shell commands by answering PPPoE Active Discovery probe requests (PADI) with a malicious PPPoE Active Discovery Offer (PADO). The exact same code is also vulnerable to a buffer overwrite.

The vulnerabilities are:

  • Command Injection
  • Buffer Overwrite

Credit
An independent security researcher, 0x721427D8, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program

Vendor Responses
Linksys has released patches to address this vulnerability.

Continue reading SSD Advisory – Linksys PPPoE Multiple Vulnerabilities

SSD Advisory – AlienVault OSSIM / USM Remote Command Execution

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom

Vulnerability Summary
The following advisory describes a Remote Command Execution vulnerability found in AlientVault OSSIM and USM version 5.3.4 and version 5.3.5.

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Launched by security engineers because of the lack of available open source products, OSSIM was created specifically to address the reality many security professionals face: A SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

AlienVault Unified Security Management (USM) is a comprehensive approach to security monitoring, delivered in a unified platform. The USM platform includes five essential security capabilities that provide resource-constrained organizations with all the security essentials needed for effective threat detection, incident response, and compliance, in a single pane of glass.

Designed to monitor cloud, hybrid cloud and on-premises environments, AlienVault USM significantly reduces complexity and deployment time so that you can go from installation to first insight in minutes – talk about fast threat detection!

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program

Vendor Responses
“We have confirmed that this issue impacts v5.3.4 and v5.3.5 of OSSIM and USM. As a result, we will be pushing a hotfix release (v5.3.6) to all users which will patch this vulnerability” for more details you can see the release notes released here: https://www.alienvault.com/forums/discussion/8415/alienvault-v5-3-6-hotfix-important-update

Continue reading SSD Advisory – AlienVault OSSIM / USM Remote Command Execution