Cyber WAR - Threat Report - August 5, 2019
informationwarfarecenter.com/cir/archived/Cyber_WAR...2019/08/05

August 5, 2019

The Cyber WAR (Weekly Awareness Report) is an Open Source Intelligence (OSINT) resource focusing on advanced persistent threats and other digital dangers, received by over ten thousand individuals. APTs fit into a cybercrime category directed at both business and political targets. Attack vectors include system compromise, social engineering, and even traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risks.

Summary

Symantec ThreatCon Low: Basic network posture

This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.

Sophos: Last Malware

* Troj/Nanoco-UO
* Troj/Fareit-IMB
* JS/Drop-BGW
* Troj/TrikBot-EF
* Troj/Formboo-QH
* Troj/Fareit-IMA
* VBS/Drop-BGV
* Troj/MDrop-IUT
* Troj/Agent-BCFU
* Troj/MSIL-MOQ

Last PUAs

* Chrome Dll
* Windows Kernel Explorer
* MultiInstall
* Mughthesec
* CrescentCore
* OpenCandy
* VKontakteDJ
* IStartSurfInstaller
* CtrQ (Adware Update)
* UltraDownloader

Interesting News

* APT trends report Q2 2019
  The quarterly summaries of APT activity are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private reports. This is our latest installment, focusing on activities that we observed during Q2 2019.

* The IWC Academy has been officially released this month! We currently have a Red Team Operator track covering certifications including Security+, CEHv10, CySA+, & Pentest+, and specialized courses. Contact us for details. We are working on a Cyber Forensics Linux distribution called CSI Linux. Visit our FaceBook Group and YouTube Channel, Subscribe to both! As always, if you have any suggestions, feel free to let us know. If you would like to receive the CIR updates by email, Subscribe at: [email protected]


Index of Sections

Current News

* Packet Storm Security

* Krebs on Security

* Dark Reading

* The Hacker News

* Security Week

* Infosecurity Magazine

* Naked Security

* Quick Heal - Security Simplified

* Threat Post

The Hacker Corner:

* Security Conferences

* Zone-H Latest Published Website Defacements

Tools & Techniques

* Packet Storm Security Latest Published Tools

* Kali Linux Tutorials

* GBHackers Analysis

Exploits and Proof of Concepts

* Packet Storm Security Latest Published Exploits

* Exploit Database Releases

Advisories

* US-Cert (Current Activity-Alerts-Bulletins)

* Symantec's Latest List

* Packet Storm Security's Latest List

Credits


Packet Storm Security

* Equifax And Beyond: A List Of Major Breaches
* It's Hacker Summer Camp This Week - Expect Searches For Guns In Your Hotel Room
* LookBack Malware Targeting Utility Sector
* Trump Withdraws Ratcliffe Nomination For DNI
* The Equifax Settlement Is A Cruel Joke
* Apple Halts Practice Of Contractors Listening In To Users On Siri
* Feinstein's New Bill Seeks To Prevent Another Cambridge Analytica
* Poshmark Says Hacker Stole Customer Details
* Cisco To Pay $8.6 Million To Settle Whistle Blower Case
* Honda Motors Exposed 40GB Of Employee Data
* You're Probably Not Going To Get $125 From The Equifax Settlement
* Edward Snowden Is Releasing A Memoir Later This Year
* New Mirai Botnet Lurks In The Tor Network
* Black Hat USA 2019 Preview
* Sephora Reports Data Breach, But Few Details
* iPhone Bluetooth Traffic Leaks Phone Numbers In Some Cases
* Data For Thousands Compromised In Lancaster Uni Breach
* Capital One Shares Drop On Questions Over Hack
* LAPD Loses Data On Thousands Of Cops In Breach
* Google Reveals Fistful Of Flaws In Apple's iMessage App
* Capital One Hacker Stole Data Of Over 100 Million Americans
* Urgent11 Security Flaws Impact Routers, Printers, SCADA, And Many IoT Devices
* Rights Group Loses Mass Surveillance Appeal In High Court
* What Is Facial Recognition And How Sinister Is It?
* Coats To Leave, Trump Will Name Ratcliffe As DNI

Krebs on Security

* The Risk of Weak Online Banking Passwords
* What We Can Learn from the Capital One Hack
* Capital One Data Theft Impacts 106M People
* No Jail Time for "WannaCry Hero"
* The Unsexy Threat to Election Security
* Neo-Nazi SWATters Target Dozens of Journalists
* What You Should Know About the Equifax Data Breach Settlement
* QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack
* Party Like a Russian, Carder's Edition
* Meet the World's Biggest 'Bulletproof' Hoster


Dark Reading

* Ransomware Used in Multimillion-Dollar Attacks Gets More Automated
* Destructive Malware Attacks Up 200% in 2019
* Database of 200M-Plus Potential 'Sextortion' Victims Published
* Microsoft Opens Azure Security Lab, Raises Top Azure Bounty to $40K
* Fighting Back Against Mobile Fraudsters
* 8 Head-Turning Ransomware Attacks to Hit City Governments
* Dark Reading News Desk Live at Black Hat USA 2019
* How to Keep Your Web Servers Secure
* How Do I Monitor for Malicious Insiders?
* US Utilities Hit with Phishing Attack
* Capital One: What We Should Learn This Time
* Black Hat: A Summer Break from the Mundane and Controllable
* Learn to Safeguard Critical Industrial Targets at Black Hat USA
* Why Every Organization Needs an Incident Response Plan
* Cisco Pays $8.6M in First False Claims Suit for Vulnerabilities in Security Product
* 47% of Android Anti-Malware Apps Are Flawed
* PCI Security Council, Retail ISAC Warn Retailers on Magecart Attacks
* DARPA to Bring its Smart Ballot Boxes to DEF CON for Hacking
* 1M Payment Cards Exposed in South Korea Breach
* Researcher Finds Open 'Road Map' to Honda Computers

The Hacker News

* Researchers Discover New Ways to Hack WPA3 Protected WiFi Passwords
* Cisco 'Knowingly' Sold Hackable Video Surveillance System to U.S. Government
* DHS Warns Small Airplanes Vulnerable to Flight Data Manipulation Attacks
* Critical Flaws in 'OXID eShop' Software Expose eCommerce Sites to Hacking
* Google Researchers Disclose PoCs for 4 Remotely Exploitable iOS Flaws
* Capital One Data Breach Affects 106 Million Customers; Hacker Arrested
* Critical Flaws Found in VxWorks RTOS That Powers Over 2 Billion Devices
* Viral FaceApp Unnecessarily Requests Access to Users' Facebook Friends List
* Judge Rules No Jail Time for WannaCry 'Killer' Marcus Hutchins, a.k.a. MalwareTech
* Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)
* Ransomware Attack Caused Power Outages in the Biggest South African City
* Silk Road Admin Sentenced to 78 Months in Prison On Drug Trafficking Charges
* Your Android Phone Can Get Hacked Just By Playing This Video
* Popular Malware Families Using 'Process Doppelgänging' to Evade Detection
* Linux Botnet Adding BlueKeep-Flawed Windows RDP Servers to Its Target List


Security Week

* ID Theft Stings, But it's Hard to Pin on Specific Data Hacks
* Industrial Giants Respond to 'Urgent/11' Vulnerabilities
* JIRA Misconfiguration Leaks Data of Fortune 500 Companies
* Connected Cars Could be a Threat to National Security, Group Claims
* Organizations Lack Confidence in Securing IoT, Survey Shows
* Google, ARM Boost Android Security With Memory Tagging Extension
* 'Machete' Cyberspies Target Military in Venezuela, Ecuador
* VMware Patches Potentially Serious Pixel Shader Vulnerabilities
* New Mirai Variant Hides C&C Server on Tor Network
* Nine Distinct Threat Groups Targeting Industrial Systems: Dragos
* New "LookBack" Malware Used in Attacks Against U.S. Utilities Sector
* Unprotected Database Exposes Details of Honda's Internal Network
* Congress Wants Capital One, Amazon to Explain Data Breach
* Economics of Ransomware - To Pay Or Not To Pay?
* Faked Facebook Accounts Linked to Saudi Arabia, Mideast Region
* Scammers Grab $2.5 Million From North Carolina County in BEC Scam
* Google Releases Beta of Anomaly Detection for G Suite Customers
* FTC Warns Cash Option May be Small for Equifax Settlement
* Former NSA Contractor Edward Snowden Publishing Memoir
* How to Prep Your Security Strategy for Today's Cyber Risks

Infosecurity Magazine

* BEC Scammers Cost US Universities Over $872K
* Over Two Million Online Records Held to Ransom
* Destructive Malware Goes Mainstream as Attacks Soar 200%
* BSides Manchester Hits Back at Sponsor Influence Claims
* Initiative Launched to Protect Automotive Supply Chain
* DCMS Committee Requests Further Facebook Details on Cambridge Analytica Investigation
* 70% of Orgs Will Use Security-as-a-Service by 2021
* Vendor Blocks 65,000 Magecart Data Theft Attempts in July
* (ISC)2 Granted Approved Professional Organization Status by HMRC
* Bug Bounties Paid for Deep Testing and Less for Traditional Flaws
* PCI Council & Retail ISAC Issue Magecart Warning
* Honda Exposes 40GB of Company Data


Naked Security

* Google and Apple suspend contractor access to voice recordings
* Hackers exploit SMS gateways to text millions of US numbers
* FileZilla fixes show how far we've come since Heartbleed
* Monday review - the hot 20 stories of the week
* S2 Ep2: EvilGnome, leaky browser add-ons and BlueKeep - Naked Security Podcast
* Space agency uses Raspberry Pi to solve satellite encryption puzzle
* 4 million Club Penguin Rewritten accounts exposed in breach
* Anime filter glitches, exposing face of one extremely smart vlogger
* Facebook is working on mind-reading
* Researchers hack camera in fake video attack

Quick Heal - Security Simplified

* MegaCortex Returns…
* Trinity Miner using open ADB port to target IoT devices
* Webcam Hacking - How to prevent webcam from hacking into your privacy?
* Ransomware As A Tool - LockerGoga
* Beware! Email attachments can make you victim of spear phishing attacks
* The website I visited behaves weirdly. I wonder if I'm hacked?
* Beware! The padlock icon and HTTPS are no more indicators of safe website
* What makes Quick Heal's Next Generation Suite of Features a SMART choice to protect your privacy?
* APT-27 like Newcore RAT, Virut exploiting MySQL for targeted attacks on enterprise
* CVE-2019-11815: Experts discovered a privilege escalation vulnerability in the Linux Kernel

Threat Post

* E3 Website Leaks Private Addresses for Thousands of Journalists
* Puzzling Gwmndy Botnet Focuses on Low-Volume Proxy Connections
* Microsoft Lab Offers $300K For Working Azure Exploits
* Google and ARM Tackle Android Bugs with Memory-Tagging
* MegaCortex Ransomware Revamps for Mass Distribution
* Critical Bug in Android Antivirus Exposes Address Books
* Nation-State APTs Target U.S. Utilities With Dangerous Malware
* 90% of Enterprise iPhone Users Open to iMessage Spy Attack
* Apple Suspends Siri Program After Privacy Backlash
* Brand-New SystemBC Proxy Malware Spotted Using SOCKS5 for Stealth


The Hacker Corner

Conferences

* Advertising Landing Page Copy/Form
* Apply: FREE 6 Month InfoSec Speaking Plan
* How To Speak At DEF CON
* Join Our LinkedIn Group
* Upcoming Cybersecurity Conferences in the United States & Canada
* Upcoming Cybersecurity Conferences in Europe
* 29 Amazing TED Cybersecurity Talks (2008 - 2020)
* 7 Proven Ideas for Your InfoSec Conference Delegate Acquisition Strategy
* An Interview with Jack Daniel: Co-Founder of BSides!

Latest Website Defacements

* http://umingan.gov.ph/rx.html
* http://informatica.niteroi.rj.gov.br/urbanismo/
* http://gpweb.niteroi.rj.gov.br/anexos/
* http://opc.maryland.gov
* http://www.opc.state.md.us
* https://linktestext.chandleraz.gov
* https://utilityservices.chandleraz.gov
* http://www.crmc.med.cuhk.edu.hk/026.html
* http://www.crmo.med.cuhk.edu.hk/026.html
* https://www.p1ctc.med.cuhk.edu.hk/026.html
* http://aitc.gov.np
* https://watercorporation.go.ke/BD.txt
* http://yc-mis.comesa.int/BD.txt
* http://ycmis-tr.comesa.int/BD.txt
* http://ycmis.comesa.int/BD.txt
* http://rctg-ug.comesa.int/BD.txt
* http://rctg-new.comesa.int/BD.txt
* http://staff.transnzoia.go.ke/BD.txt
* http://publicserviceboard.transnzoia.go.ke/BD.txt
* http://kusp.transnzoia.go.ke/BD.txt


Tools & Techniques

Packet Storm Security Tools Links

* SQLMAP - Automatic SQL Injection Tool 1.3.8
* Clam AntiVirus Toolkit 0.101.3
* Phishing Simulation
* Falco 0.17.0
* Mandos Encrypted File System Unattended Reboot Utility 1.8.5
* Scapy Packet Manipulation Tool 2.4.3rc4
* Logwatch 7.5.2
* Wireshark Analyzer 3.0.3
* Falco 0.16.0
* GNU Privacy Guard 2.2.17

Kali Linux Tutorials

* Usbrip : Simple CLI Forensics Tool For Tracking USB Device Artifacts
* MSNM Sensor - Multivariate Statistical Network Monitoring Sensor
* W13Scan : Passive Security Scanner Linux/Windows/Mac Systems
* Slurp : Evaluate The Security Of S3 Buckets
* Buster : Find Emails Of A Person And Return Information Associated With Them
* WDExtract : Extract Windows Defender database
* Weebdns : DNS Enumeration with Asynchronicity
* RedGhost : Linux Post Exploitation Framework
* Recon NG : Open Source Intelligence Gathering Tool Aimed At Reducing The Time Spent Harvesting Information From Open Sources
* Python Uncompyle6 - A Cross-Version Python Bytecode Decompiler

GBHackers Analysis

* Critical Remote Code Execution Vulnerability in DHCP Client Let Hackers Take Control of the Network
* Unpatched RCE Vulnerability in LibreOffice Let Hackers Take Complete Control Of Your Computer
* Critical Account Take over Vulnerability Allows to Hack Your Instagram Account within 10 Minutes
* Multiple Vulnerabilities Affected Lenovo's Server Infrastructure that allows Hackers to Execute Malicious Code
* 8 World's Biggest Tech Giants Including TCS, CSC, HPE, NTT Data Hacked by Chinese Government Sponsored Hackers


Proof of Concept (PoC) & Exploits

Packet Storm Security

* Active PHP Bookmarks 1.3 SQL Injection
* CentOS Control Web Panel 0.9.8.846 Cross Site Scripting
* CentOS Control Web Panel 0.9.8.840 User Enumeration
* CentOS Control Web Panel 0.9.8.836 Remote Command Execution
* iMessage URL Deserializing Heap Overflow
* KDE 4/5 KDesktopFile Command Injection
* ATutor 2.2.4 Arbitrary File Upload / Command Execution
* Opencart 2.3.0.2 Insecure OCMod Generation Remote Command Execution
* ATutor 2.2.4 Backup Remote Command Execution
* Apache Tika 1.17 Header Command Injection
* Microsoft Windows PowerShell Command Execution
* 1CRM On-Premise Software 8.5.7 Cross Site Scripting
* Sar2HTML 3.2.1 Remote Command Execution
* College Notes Management System 1.0 Cross Site Request Forgery
* Rest Cafe And Restaurant Website CMS SQL Injection
* Packet Storm New Exploits For July, 2019
* Ultimate Loan Manager 2.0 Cross Site Scripting
* Cisco Catalyst 3850 Series Device Manager 3.6.10E Cross Site Request Forgery
* WebIncorp ERP SQL Injection
* Oracle Hyperion Planning 11.1.2.3 XML Injection
* D-Link 6600-AP XSS / DoS / Information Disclosure
* iMessage NSKnownKeysDictionary1 Memory Corruption
* iMessage NSArray Deserialization
* iMessage NSKeyedUnarchiver Deserialization
* WordPress WP Fastest Cache 0.8.9.5 Directory Traversal



Exploit Database

* [remote] ARMBot Botnet - Arbitrary Code Execution
* [remote] Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)
* [dos] macOS iMessage - Heap Overflow when Deserializing
* [webapps] 1CRM On-Premise Software 8.5.7 - Persistent Cross-Site Scripting
* [webapps] Rest - Cafe and Restaurant Website CMS - 'slug' SQL Injection
* [webapps] Sar2HTML 3.2.1 - Remote Command Execution
* [webapps] Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery
* [webapps] WebIncorp ERP - SQL injection
* [webapps] Ultimate Loan Manager 2.0 - Cross-Site Scripting
* [webapps] Oracle Hyperion Planning 11.1.2.3 - XML External Entity
* [remote] Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit)
* [dos] iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects
* [dos] iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1
* [dos] iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References
* [dos] macOS / iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles
* [dos] macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded
* [dos] macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances
* [webapps] Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming
* [remote] WordPress Plugin Database Backup
* [remote] Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)
* [webapps] GigToDo 1.3 - Cross-Site Scripting
* [webapps] WordPress Theme Real Estate 2.8.9 - Cross-Site Scripting
* [webapps] WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery
* [webapps] Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection
* [webapps] Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution (Metasploit)


Advisories

US-Cert Alerts & Bulletins

* AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability
* AA19-122A: New Exploits for Unsecure SAP Systems
* AA19-024A: DNS Infrastructure Hijacking Campaign
* Vulnerability Summary for the Week of July 29, 2019
* Vulnerability Summary for the Week of July 22, 2019
* Vulnerability Summary for the Week of July 15, 2019

Symantec - Latest List

* Microsoft Edge Chakra Scripting Engine CVE-2019-1107 Remote Memory Corruption Vulnerability
* Microsoft Windows WLAN Service CVE-2019-1085 Local Privilege Escalation Vulnerability
* Microsoft Windows CVE-2019-1082 Local Privilege Escalation Vulnerability
* Microsoft Windows CVE-2019-1074 Local Privilege Escalation Vulnerability
* Microsoft Windows Error Reporting CVE-2019-1037 Local Privilege Escalation Vulnerability
* Microsoft Windows Win32k CVE-2019-1132 Local Privilege Escalation Vulnerability
* Microsoft Windows WCF/WIF SAML Token CVE-2019-1006 Authentication Bypass Vulnerability
* Microsoft Windows DirectX CVE-2019-0999 Local Privilege Escalation Vulnerability
* Microsoft Windows Active Directory Federation Services CVE-2019-1126 Security Bypass Vulnerability
* Microsoft Windows ADFS CVE-2019-0975 Security Bypass Vulnerability
* Microsoft Windows Hyper-V CVE-2019-0966 Denial of Service Vulnerability
* Microsoft Windows Remote Desktop Protocol Client CVE-2019-1108 Information Disclosure Vulnerability
* Microsoft Windows Remote Desktop Services CVE-2019-0887 Remote Code Execution Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-1106 Remote Memory Corruption Vulnerability
* Microsoft Windows Win32k CVE-2019-1096 Local Information Disclosure Vulnerability
* Microsoft Windows Kernel CVE-2019-1073 Local Information Disclosure Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-1103 Remote Memory Corruption Vulnerability
* Microsoft Windows Kernel CVE-2019-1071 Local Information Disclosure Vulnerability
* Microsoft Azure Automation CVE-2019-0962 Local Privilege Escalation Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-1092 Remote Memory Corruption Vulnerability
* Microsoft Visual Studio CVE-2019-1079 XML External Entity Information Disclosure Vulnerability
* Microsoft Visual Studio CVE-2019-1077 Local Privilege Escalation Vulnerability
* Microsoft Edge Chakra Scripting Engine CVE-2019-1062 Remote Memory Corruption Vulnerability
* Microsoft Exchange Server CVE-2019-1137 Spoofing Vulnerability
* Microsoft Team Foundation Server CVE-2019-1076 Cross Site Scripting Vulnerability


Packet Storm Security - Latest List

* Ubuntu Security Notice USN-4058-2 - USN-4058-1 fixed a vulnerability in bash. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Bash incorrectly handled the restricted shell. An attacker could possibly use this issue to escape restrictions and execute any command. Various other issues were also addressed.
* Debian Security Advisory 4491-1 - Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.
* Avira Free Security Suite 2019 Software Updater 2.0.6.13175 Improper Access Control - Avira Free Security Suite 2019 Software Updater version 2.0.6.13175 suffers from an improper access control that allows for arbitrary file write that can allow an unprivileged user to obtain SYSTEM privileges.
* Gentoo Linux Security Advisory 201908-02 - Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition. Versions less than 1.6.37:0 are affected.
* Gentoo Linux Security Advisory 201908-01 - Multiple vulnerabilities have been found in Binutils, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.32-r1 are affected.
* Slackware Security Advisory - mariadb Updates - New mariadb packages are available for Slackware 14.1 and -current to fix security issues.
* Ubuntu Security Notice USN-4079-2 - USN-4079-1 fixed vulnerabilities in SoX. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 19.04. It was discovered that SoX incorrectly handled certain MP3 files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
* Ubuntu Security Notice USN-4085-1 - Mike Salvatore discovered that Sigil mishandled certain malformed EPUB files. An attacker could use this vulnerability to write arbitrary files to the filesystem.
* Ubuntu Security Notice USN-4084-1 - It was discovered that Django incorrectly handled the Truncator function. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. It was discovered that Django incorrectly handled the strip_tags function. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. It was discovered that Django incorrectly handled certain lookups in the PostgreSQL support. A remote attacker could possibly use this issue to perform SQL injection attacks. Various other issues were also addressed.
* Ubuntu Security Notice USN-4083-1 - It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.
* Red Hat Security Advisory 2019-2003-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. IcedTea-Web now also contains PolicyEditor - a simple tool to configure Java policies. Issues addressed include a traversal vulnerability.
* Veritas Resiliency Platform (VRP) Traversal / Command Execution - Veritas Resiliency Platform (VRP) suffers from cross site scripting, command execution, and directory traversal vulnerabilities. Versions prior to VRP 3.3.2 HF14 are affected.
* Ubuntu Security Notice USN-4082-1 - Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. Tomas Bortoli discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. Various other issues were also addressed.
* Ubuntu Security Notice USN-4081-1 - It was discovered that Pango incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
* Red Hat Security Advisory 2019-2004-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. IcedTea-Web now also contains PolicyEditor - a simple tool to configure Java policies. Issues addressed include a traversal vulnerability.
* Ubuntu Security Notice USN-4069-2 - USN-4069-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
* Debian Security Advisory 4490-1 - Several vulnerabilities were discovered in Subversion, a version control system.
* Ubuntu Security Notice USN-4080-1 - Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.
* Ubuntu Security Notice USN-4079-1 - It was discovered that SoX incorrectly handled certain MP3 files. An attacker could possibly use this issue to cause a denial of service.
* Red Hat Security Advisory 2019-1951-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. Issues addressed include denial of service and null pointer vulnerabilities.
* Ubuntu Security Notice USN-4078-1 - It was discovered that OpenLDAP incorrectly handled rootDN delegation. A database administrator could use this issue to request authorization as an identity from another database, contrary to expectations. It was discovered that OpenLDAP incorrectly handled SASL authentication and session encryption. After a first SASL bind was completed, it was possible to obtain access by performing simple binds, contrary to expectations. Various other issues were also addressed.
* Red Hat Security Advisory 2019-2000-01 - As part of the maintenance phase, qualified security patches of Critical or Important impact, as well as select mission-critical bug-fix patches, were released for Red Hat OpenShift Enterprise 3.6 and Red Hat OpenShift Container Platform 3.7. After July 31, 2019, customers will not receive those updates. Red Hat OpenShift Enterprise 3.6 has not been updated since June 2019 and Red Hat OpenShift Container Platform 3.7 has not been updated since June 2019 as per the Red Hat OpenShift Container Platform Life Cycle Policy.
* Red Hat Security Advisory 2019-1972-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a code execution vulnerability.
* Red Hat Security Advisory 2019-1973-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a denial of service vulnerability.
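The Symantec CVE list and the Packet Storm advisory digest above arrive as free text, and a team receiving this report by email usually wants them machine-triaged: identifiers pulled out and the highest-impact items surfaced first. The following is an added example by the editor, not code from the newsletter or from Symantec, Packet Storm, Ubuntu, Debian, Red Hat or Gentoo. The identifier patterns and the impact keyword ranking are the editor's own assumptions about how these feeds word their entries; the sample entries are copied verbatim from the lists above.

```python
"""Triage helper for an advisory digest such as the Symantec and Packet Storm
lists above. Added example, not part of the newsletter or of any vendor feed.
It extracts identifiers (CVE, USN, DSA, RHSA, GLSA) from each entry and ranks
entries by the impact wording in their text so the most severe surface first.
"""
import re
from dataclasses import dataclass, field

# Identifier formats as they are written in the digest (editor's assumption
# about the feeds' wording). Vendor IDs embedded in a longer phrase use a
# capture group for the number itself.
ID_PATTERNS = {
    "CVE": re.compile(r"\bCVE-\d{4}-\d{4,}\b"),
    "USN": re.compile(r"\bUSN-\d{4}-\d+\b"),
    "DSA": re.compile(r"\bDebian (?:Linux )?Security Advisory (\d{4}-\d+)\b"),
    "RHSA": re.compile(r"\bRed Hat Security Advisory (\d{4}-\d{4}-\d{2})\b"),
    "GLSA": re.compile(r"\bGentoo Linux Security Advisory (\d{6}-\d{1,2})\b"),
}

# Impact classes in descending severity. The first class whose keywords appear
# wins, so an entry mentioning both code execution and denial of service is
# ranked as code execution.
IMPACT_RANK = [
    ("code execution", ("remote code execution", "remote command execution",
                        "execute arbitrary code", "code execution",
                        "execute any command")),
    ("privilege escalation", ("privilege escalation", "obtain system privileges")),
    ("bypass", ("authentication bypass", "security bypass", "escape restrictions")),
    ("injection", ("sql injection", "command injection", "xml external entity")),
    ("memory corruption", ("memory corruption", "heap overflow", "use-after-free")),
    ("information disclosure", ("information disclosure",
                                "expose sensitive information", "side-channel")),
    ("denial of service", ("denial of service",)),
]
SEVERITY = {label: i for i, (label, _) in enumerate(IMPACT_RANK)}
SEVERITY["unclassified"] = len(IMPACT_RANK)


@dataclass
class Entry:
    text: str
    impact: str
    ids: dict = field(default_factory=dict)


def classify(text: str) -> str:
    """Return the highest-severity impact class whose keywords appear in text."""
    low = text.lower()
    for label, keywords in IMPACT_RANK:
        if any(k in low for k in keywords):
            return label
    return "unclassified"


def extract_ids(text: str) -> dict:
    """Map identifier kind -> sorted unique identifiers found in text."""
    found = {}
    for kind, pattern in ID_PATTERNS.items():
        hits = {m.group(1) if m.groups() else m.group(0)
                for m in pattern.finditer(text)}
        if hits:
            found[kind] = sorted(hits)
    return found


def triage(lines):
    """Parse digest lines into Entry objects, most severe first.

    sorted() is stable, so entries of equal severity keep their digest order."""
    entries = [Entry(l.strip(), classify(l), extract_ids(l)) for l in lines if l.strip()]
    return sorted(entries, key=lambda e: SEVERITY[e.impact])


# Sample entries copied from the digest above (real digest text, not constructed).
SAMPLE = [
    "Microsoft Windows Remote Desktop Services CVE-2019-0887 Remote Code Execution Vulnerability",
    "Microsoft Windows Win32k CVE-2019-1132 Local Privilege Escalation Vulnerability",
    "Microsoft Windows Hyper-V CVE-2019-0966 Denial of Service Vulnerability",
    "Microsoft Edge Chakra Scripting Engine CVE-2019-1107 Remote Memory Corruption Vulnerability",
    "Ubuntu Security Notice USN-4058-2 - It was discovered that Bash incorrectly handled the "
    "restricted shell. An attacker could possibly use this issue to escape restrictions and "
    "execute any command.",
    "Ubuntu Security Notice USN-4084-1 - It was discovered that Django incorrectly handled "
    "certain lookups in the PostgreSQL support. A remote attacker could possibly use this "
    "issue to perform SQL injection attacks.",
    "Gentoo Linux Security Advisory 201908-02 - Multiple vulnerabilities have been found in "
    "libpng, the worst of which could result in a Denial of Service condition.",
]

if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(f"{e.impact:22} {e.ids} {e.text[:60]}")
```

Keyword ranking is deliberately coarse: it is a first pass to decide what to read first, not a substitute for the CVSS score in the vendor advisory, and an entry with no recognised wording (the Exchange spoofing item, for instance) lands at the bottom as "unclassified" rather than being silently dropped.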