SSD Advisory – ZTE ZXDSL Configuration Reset

Want to get paid for a vulnerability similar to this one?
Contact us at: sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom
See our full scope at: https://blogs.securiteam.com/index.php/product_scope

Vulnerability Summary
The following advisory describes a configuration reset vulnerability found in ZTE ZXDSL 831CII version 6.2.

ZXDSL 831CII is “an ADSL access device to support multiple line modes. It supports ADSL2/ADSL2+ and is backward compatible to ADSL, even offers auto-negotiation capability for different flavors (G.dmt, T1.413 Issue 2) according to central office DSLAM’s settings (Digital Subscriber Line Access Multiplexer). It provides four 10/100Base-T Ethernet interfaces at the user end. Utilizing the high-speed ADSL connection, the ZXDSL 831CII can provide users with broadband connectivity to the Internet.”

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
ZTE was informed of the vulnerability. Their response was: “According to the related product team reply, the affected product 831CII V6.2 has already ended sales and is no longer maintained by ZTE in 2011.

831CII V2.0, the substitute product of 831CII V6.2, has also already been out of the service in 2015.

Right now, 831CII V2.0’s substitute product is ZXHN H108 V2.5.”

SSD Advisory – Synology StorageManager smart.cgi Remote Command Execution

Vulnerability Summary
The following advisory describes a remote command execution vulnerability found in Synology StorageManager.

Storage Manager is “a management application that helps you organize and monitor the storage capacity on your Synology NAS. Depending on the model and number of installed hard drives, Storage Manager helps you accomplish the following tasks:

  • Create different types of RAID and non-RAID storage configurations, such as volumes, disk/RAID groups, iSCSI LUNs, and iSCSI Targets.
  • Monitor the overall storage usage of your Synology NAS.
  • Inspect the health of installed hard drives and solid state drives.
  • Use advanced options, such as hot spare drives, SSD TRIM, SSD cache, and more.”

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Synology has released patches to address this vulnerability – DSM 5.2-5967-5

For more information: https://www.synology.com/en-global/releaseNote/DS210+

SSD Advisory – Linux Kernel AF_PACKET Use-After-Free

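Vulnerability Summary
The following advisory describes a use-after-free vulnerability found in AF_PACKET in the Linux kernel. Successful exploitation may lead to privilege escalation.

AF_PACKET sockets “allow users to send or receive packets at the device driver level”. For example, users can implement their own protocol on top of the physical layer, or sniff packets including Ethernet and higher-layer protocol headers.

Credit
An independent security researcher discovered this vulnerability and reported it to Beyond Security’s SSD.

Vendor response
Update 1

CVE: CVE-2017-15649

“It is quite likely that this is already fixed by:

packet: hold bind lock when rebinding to fanout hook – http://patchwork.ozlabs.org/patch/813945/

Also relevant, but not yet merged, is

packet: in packet_do_bind, test fanout with bind_lock held – http://patchwork.ozlabs.org/patch/818726/

We verified that the vulnerability does not trigger on v4.14-rc2, but testing succeeded against the first commit (008ba2a13f2d).”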

SSD Advisory – IKARUS Anti Virus Remote Code Execution

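Vulnerability Summary
The following advisory describes a remote code execution vulnerability found in IKARUS Anti Virus 2.16.7.

IKARUS anti.virus “secures your personal data and PC from all kinds of malware. Additionally, the anti-spam module protects you from spam and malware in e-mails. Choose the award-winning IKARUS scan engine to effectively protect yourself against cyber criminals. IKARUS is the best scan engine in the world; it detects unknown and known threats every day.”

Credit
An independent security researcher reported this vulnerability to Beyond Security’s SSD.

Vendor response
Update 1

CVE: CVE-2017-15643

The vendor has released patches for these vulnerabilities. For more information:
https://www.ikarussecurity.com/about-ikarus/security-blog/vulnerability-in-windows-antivirus-products-ik-sa-2017-0001/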
