Month: January 2017

Vulnerabilities Summary Cisco Mobile Services Engine (MSE) is a platform that helps organizations increase visibility into the network, customize location-based mobile services, and strengthen security. The following advisory describes Cisco MSE Pre-Authentication Code Execution (Cisco MSE version 8.0.100.0). Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor … Continue reading SSD Advisory – Cisco MSE Preauthentication Remote Code Execution →

Vulnerabilities Summary The following advisory describes four (4) vulnerabilities in DropBear. DropBear is a SSH server and client. It runs on a variety of POSIX-based platforms. DropBear is open source software, distributed under a MIT-style license. DropBear is particularly useful for “embedded”-type Linux (or other Unix) systems, such as wireless routers. The four vulnerabilities found … Continue reading SSD Advisory – DropBear Multiple Vulnerabilities →

Vulnerability Summary The following advisory describes Heap overflow vulnerability that can lead to remote code execution in Pervasive SQL server (Version 12.01.031.000). Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vulnerability Details Heap overflow vulnerability This vulnerability allows an attacker to overflow a heap buffer after Server-Client … Continue reading SSD Advisory – Pervasive SQL Heap Overflow →

Vulnerability Description BusyBox provides an arp applet which is missing an array bounds check for command-line parameter IFNAME. It is therefore vulnerable to a command-line based local stack buffer overwrite effectively allowing local users to write past a 16 bytes fixed stack buffer. This leads to two scenarios, one (A) where an IOCTL for GET_HW_ADDRESS … Continue reading SSD Advisory – BusyBox (local) cmdline stack buffer overwrite →

Happy new year everyone! One of our new year’s resolution is to promote the security community in different ways – sponsoring security conferences, publish new vulnerabilities and to write blog posts about leading security researchers that work and strengthen their local community. One of the best things of being part of the cyber security community … Continue reading Know your community – Orange Tsai →

Vulnerability Summary The following report describes a remote code execution vulnerability found in SwiftMailer. The vulnerability allows an attacker injecting sendmail program due to insufficient address sanitization. Swift Mailer integrates into any web app written in PHP 5, offering a flexible object-oriented approach to sending emails with a multitude of features Credit An independent security … Continue reading SSD Advisory – SwiftMailer Remote Code Execution →

Vulnerability Summary The following report describes a remote code execution vulnerability found in ZendMail. The vulnerability allows an attacker injecting additional parameters to the sendmail binary via the From address. Credit An independent security researcher Dawid Golunski (https://legalhackers.com/) has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vulnerability Details “ZendMail provides generalized functionality … Continue reading SSD Advisory – ZendMail Remote Code Execution Vulnerability →

Vulnerability Summary The following advisory describes four (4) vulnerabilities and default accounts / passwords in ZyXEL / Billion customized routers. TrueOnline is a major Internet Service Provider in Thailand that provides customized versions of routers to its customers, free of charge. The routers are manufactured by ZyXEL and Billion runs a special Linux distribution called … Continue reading SSD Advisory – ZyXEL / Billion Multiple Vulnerabilities →