Telekom Security Updates
-
Unquoted Service Path exploit in Fortinet FortiClient
FortiClient for Windows prior to 6.2.3 is vulnerable to an unquoted service path vulnerability (CVE-2019-17658). That may allow an attacker to gain elevated privileges via the FortiClientConsole executable service path.
Continue Reading -
Juniper Junos Space prior to 19.4R1 Local File Inclusion Vulnerability
A Local File Inclusion vulnerability (CVE-2020-1611) in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets.
Continue Reading -
wolfSSL TLSv1.3 Remote Buffer Overflow
A new critical remote buffer overflow vulnerability (CVE-2019-11873) was discovered in the wolfSSL library (version 4.0.0-stable, http://www.wolfssl.com) by Security Evaluators of Telekom Security with modern fuzzing methods. The vulnera...
Continue Reading -
axTLS Remote Buffer Overflow
A new critical remote buffer overflow vulnerability (CVE-2019-8981) in the axTLS library for embedded devices (version 2.1.4, http://axtls.scourceforge.net) was discovered on 2019 February 20 with modern fuzzing methods, which possibly al...
Continue Reading -
T-Pot Version 19.03 released
In March 2019 we released T-Pot 19.03. Read more details here.
Continue Reading -
WeBid Directory Traversal, Blind SQL Injection and XSS
Multiple vulnerabilities were identified in version 1.2.2 of the popular “WeBid” open source auction system. Patches for all three vulnerabilities are available in their GitHub, and will be included in the next release.
Continue Reading -
ServiceNow Glide Scripting injection leading to privilege escalation
ServiceNow, an enterprise IT service management solution, is vulnerable to a template injection vulnerability, leading to a full privilege escalation.
Continue Reading -
Variant of Satori/Mirai detected attacking publicly available ADB shells
On the 10th of July at 23:30 UTC we noticed increased traffic on our blackhole monitoring on TCP port 5555. Upon further analysis, we saw a big chunk of this traffic coming from China, USA and the Dominican Republic. In total we gathe...
Continue Reading