Independent – Page 221 – Computer Security Articles

Credit to Author: SSD / Maor Schwartz| Date: Wed, 03 Jan 2018 06:33:51 +0000

Vulnerabilities Summary The following advisory describes four (4) vulnerabilities found in Livebox Fibra router version AR_LBFIBRA_sp-00.03.04.112S. It is possible to chain the vulnerabilities into remote code execution. The “Livebox Fibra” router is “manufactured by Arcadyan for Orange and Jazztel in Spain” The vulnerabilities found in Arcadyan routers are: Unauthenticated configuration information leak Hard-coded credentials Memory … Continue reading SSD Advisory – Livebox Fibra (Orange Router) Multiple Vulnerabilities

Independent Securiteam

January 2, 2018 admin

Protected: Happy New Year – 2018

Credit to Author: SSD / Noam Rathaus| Date: Tue, 02 Jan 2018 14:35:57 +0000

There is no excerpt because this is a protected post.

Independent Krebs

January 2, 2018 admin

Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes

Credit to Author: BrianKrebs| Date: Tue, 02 Jan 2018 17:15:10 +0000

The individual who allegedly made a fake emergency call to Kansas police last week that summoned them to shoot and kill an unarmed local man has claimed credit for raising dozens of these dangerous false alarms — calling in bogus hostage situations and bomb threats at roughly 100 schools and at least 10 residences.

Independent Securiteam

January 1, 2018 admin

SSD Advisory – D-Link DSL-6850U Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Mon, 01 Jan 2018 10:41:38 +0000

Vulnerabilities Summary The following advisory describes two (2) vulnerabilities found in D-Link DSL-6850U versions BZ_1.00.01 – BZ_1.00.09. D-Link DSL-6850U is a router “manufactured by D-Link for Bezeq in Israel” The vulnerabilities found are: Default Credentials Remote Command Execution Credit An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor … Continue reading SSD Advisory – D-Link DSL-6850U Multiple Vulnerabilities

Independent Securiteam

December 31, 2017 admin

SSD安全公告-vBulletin routestring未经验证的远程代码执行

Credit to Author: SSD / Maor Schwartz| Date: Sun, 31 Dec 2017 06:31:17 +0000

漏洞概要以下安全公告描述了在vBulletin5中发现的一个未经身份验证的文件包含漏洞，成功利用该漏洞可造成远程代码执行。 vBulletin也称为vB，由vBulletin Solutions公司基于PHP和MySQL开发，广泛用于搭建网络论坛。 vBulletin为许多网络大型的社交网站提供技术支持，数量超过10万，其中包括财富500强和Alexa Top 1M公司的网站和论坛。根据最新的W3Techs1统计，vBulletin 4拥有超过55％的vBulletin市场份额，而vBulletin 3和vBulletin 5则占剩下的45％。漏洞提交者一位独立的安全研究人员向 Beyond Security 的 SSD 报告了该漏洞厂商响应自2017年11月21日起，我们多次尝试联系vBulletin，但是暂时没有得到回复。目前，漏洞暂时还没有解决方案。漏洞详细信息 vBulletin存在一个漏洞，导致远程攻击者可以从vBulletin服务器中包含任意文件并执行PHP代码。未经身份验证的用户可以向/index.php发送GET请求，然后使用参数routestring =触发文件包含漏洞。该请求允许攻击者向安装在Windows操作系统上的Vbulletin服务器创建精心制作的请求，并在Web服务器上包含任意文件。 /index.php 部分代码： [crayon-5a496258a4faa266544584/] 让我们仔细看看vB5_Frontend_Application :: init — /includes/vb5/frontend/application.php部分代码： [crayon-5a496258a4fb1671370675/] 我们可以看到setRoutes()被调用 /includes/vb5/frontend/routing.php部分代码： [crayon-5a496258a4fb4744772041/] 因此，如果我们的字符串不以’.gif，‘.png’，’.jpg’，’.css’或者‘.js’结尾并且不包含’/’字符，vBulletin会从vB5_Frontend_Controller_Relay中调用legacy() /includes/vb5/frontend/controller/relay.php部分代码： [crayon-5a496258a4fbd144806678/] 如果我们从Api_Interface_Collapsed类中检查relay() /include/api/interface/collapsed.php部分代码： [crayon-5a496258a4fbf779937258/] 正如我们所看到的，攻击者无法在$文件中使用“/”，所以不能在Linux上更改当前目录。但是对于Windows而言，可以使用’’作为路径分隔符，通过PHP包含任意所需的文件（也可以使用’ .. ’技巧）。如果我们想包含扩展名为’.gif’，’.png’，’.jpg’，’.css’或’.js’这样的文件，需要绕过setRoutes（）方法里面的过滤，绕过很容易，可以通过添加点（’.’）或空格（’%20’）到文件名来绕过。完整的漏洞证明我们可以通过发送下面的GET请求来检查服务器是否有漏洞： /index.php?routestring=.\ 如果回显是：那么服务器存在漏洞如果我们想要在服务器上的任何文件中注入一个php代码，我们可以使用access.log例如： /?LogINJ_START=< ?php phpinfo();?>LogINJ_END … Continue reading SSD安全公告-vBulletin routestring未经验证的远程代码执行

Independent Krebs

December 29, 2017 admin

Kansas Man Killed In ‘SWATting’ Attack

Credit to Author: BrianKrebs| Date: Fri, 29 Dec 2017 21:17:36 +0000

A 28-year-old Kansas man was shot and killed by police officers on the evening of Dec. 28 after someone fraudulently reported a hostage situation ongoing at his home. The false report was the latest in a dangerous hoax known as “swatting,” wherein the perpetrator falsely reports a dangerous situation at an address with the goal of prompting authorities to respond to that address with deadly force. This particular swatting reportedly originated over a $1.50 wagered match in the online game Call of Duty. Compounding the tragedy is that the man killed was an innocent party who had no part in the dispute. The following is an analysis of what is known so far about the incident, as well as a brief interview with the alleged and self-professed perpetrator of this crime.

Independent Krebs

December 29, 2017 admin

Happy 8th Birthday, KrebsOnSecurity!

Credit to Author: BrianKrebs| Date: Fri, 29 Dec 2017 15:29:37 +0000

Eight years ago today I set aside my Washington Post press badge and became an independent here at KrebsOnSecurity.com. What a wild ride it has been. Thank you all, Dear Readers, for sticking with me and for helping to build a terrific community.

Independent Krebs

December 28, 2017 admin

4 Years After Target, the Little Guy is the Target

Credit to Author: BrianKrebs| Date: Thu, 28 Dec 2017 15:36:55 +0000

Dec. 18 marked the fourth anniversary of this site breaking the news about a breach at Target involving some 40 million customer credit and debit cards. It has been fascinating in the years since that epic intrusion to see how organized cyber thieves have shifted from targeting big box retailers to hacking a broad swath of small to mid-sized merchants that accept credit cards.