A new vulnerability requires attention from users who run Apache / Tomcat on Windows machines.
“When running on Windows with enableCmdLineArguments enabled, the CGI
Servlet is vulnerable to Remote Code Execution due to a bug in the way
the JRE passes command line arguments to Windows. The CGI Servlet is
disabled by default. The CGI option enableCmdLineArguments is disabled
by default in Tomcat 9.0.x (and will be disabled by default in all
versions in response to this vulnerability)”
I have been away for some time.
On the first day of my return I found the following vulnerability related to Apple.
It seems nasty… Although it cannot be remotely exploited, it might be used in phishing campaigns that trick the user into executing software that takes ownership of the computer.
This local privilege escalation flaw resides in IOHIDFamily, an extension of the macOS kernel designed for human interface devices (HID), like a touchscreen or buttons. It allows an attacker to install a root shell or execute arbitrary code on the system.
Exploit / Proof of concept
This vulnerability might be another one that will cause some changes on the internet.
It seems that it uses the fallback to SSL 3.0 to create a man-in-the-middle opportunity to disclose information.
This is an interesting paper about it.
The solution at the moment is to disable SSL 3.0. This might create problems for legacy users or users with older browsers, because they might not be able to access the site.
It might have a positive side: forcing everybody to use safer protocols and recent clients. 🙂
More information here:
How to check if you are secure using nmap
nmap --script ssl-cert,ssl-enum-ciphers -p 443,465,993,995 www.hjfr-info.com
How to check if you are secure using openssl
openssl s_client -connect www.hjfr-info.com:443
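Reading the nmap output by eye gets tedious when several ports are scanned. The following added example (not part of the original post) filters the ssl-enum-ciphers output for ports that still list SSLv3; the sample output and the host name mail.example.test are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): report which ports still
# offer SSL 3.0, based on the output of nmap's ssl-enum-ciphers script.

# Reads nmap normal-format output on stdin and prints one "port/proto"
# line for every port whose ssl-enum-ciphers section lists SSLv3.
sslv3_ports() {
    awk '
        # Port table line, e.g. "443/tcp open  https": remember the port.
        /^[0-9]+\/(tcp|udp) / { port = $1; next }
        # Script output line, e.g. "|   SSLv3:": protocol header under that port.
        /^[|][ _] *SSLv3:/ && port != "" { print port; port = "" }
    '
}

# Constructed sample output (hypothetical host, abbreviated cipher lists).
sample_nmap_output() {
    cat <<'EOF'
Nmap scan report for mail.example.test (192.0.2.10)
PORT    STATE  SERVICE
443/tcp open   https
| ssl-enum-ciphers:
|   SSLv3:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|_  least strength: strong
465/tcp open   smtps
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|_  least strength: strong
993/tcp open   imaps
| ssl-enum-ciphers:
|   SSLv3:
|     ciphers:
|       TLS_RSA_WITH_RC4_128_SHA - strong
|_  least strength: strong
995/tcp closed pop3s
EOF
}

# Live use: nmap --script ssl-enum-ciphers -p 443,465,993,995 HOST | sslv3_ports
sample_nmap_output | sslv3_ports
```

Any port printed still accepts SSL 3.0 and needs the protocol disabled in the server configuration; empty output means no scanned port listed it.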
It seems that a new vulnerability in SSL is being used in spy games against the West. 🙂
This information was disclosed by http://www.isightpartners.com/2014/10/cve-2014-4114/
From what is being said on the internet, as soon as Microsoft releases the patch, more information about it will be delivered.
The vulnerability code: