Hi,
Detailed at this blog post (with pics!) is a vulnerability within F5 BIG-IQ
4.1.0.2013.0.
http://volatile-minds.blogspot.com/2014/05/f5-big-iq-v41020130-authenticated.html
A module for this will be uploaded to ExploitHub this evening that will
change the root user's password and log in over S
That's sad to hear that Security people aren't performing some type of risk
assessment / analysis on the vuln.
In my experience we identified a number of programs that were repeat
offenders and worked with the ops team to talk to the vendor. If that
didn't succeed the application packaging team w
Ironically, SNARE has this very problem.
Walt Williams
sent from my iPhone
Typos likely
> On Apr 30, 2014, at 17:51, Alton Blom wrote:
>
> Hi Stefan,
>
> SANS had a good post on this a few years ago (
> https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464),
> which led
"Gynvael Coldwind" wrote:
> Well spotted.
Thanks.
It's but a shame that such silly beginner's errors are still present in
current software.
I didn't bother to look specifically for it since my "customers" and I
used German versions of Windows NT5.x until now, where %ProgramFiles%
is C:\Programme
> the current version of iTunes for Windows (and of course older versions
> too) associates the following vulnerable command lines with some of the
> supported file types/extensions:
They also install Bonjour and a couple of other services as NT
Authority/SYSTEM, don't drop privileges, and open lis
Not necessarily, I’m just restating what is mentioned on the mitre post, which
I feel can be a bit misleading.
There are lots of “what if” scenarios involved in exploitation of this
vulnerability. And while I agree with you, the ultimate fix to all of these
problems is to execute only signed
The issue comes in when you have applications that do their own dynamic
updates. I’ve considered deploying individually targeted fixes across the
environment but applications such as the Juniper VPN client do their own update
when you connect to the VPN host, which means any fix one could make a
Brandon,
I find little difference between 'Administrator' and 'SYSTEM' privilege,
although there is one. Administrators can create system-privileged services
and applications with relative ease.
To quote from MITRE's argument on this issue,
http://cwe.mitre.org/data/definitions/428.html
"This we
I bring this up because this has been an extreme sore point on our network and
our security group utilizing the Nessus plugin. Attempting to explain to them
that UAC and the elevated privilege requirement makes this a non-issue is
falling on deaf ears to those that blindly follow what the scanne
Also, keep in mind that it isn't just C:\Program.exe
What if a privileged application used an insecure temp directory with a
space that allowed an attacker on the system to escalate to system?
Full blown exploits can take advantage of multiple vulnerabilities that
are relatively harmless in and o
Stupid people also share their C: drive on networks.
On 04/30/2014 05:17 PM, Alton Blom wrote:
> Hi Mike,
> It's probably better seen as a way of keeping persistence on a machine than
> a full-blown exploit.
>
> Alton(ius)
> altonblom.com
> @altonius_au
>
>
> On Thu, May 1, 2014 at 8:05 AM, Mike C