Preface: Huge rise in hack attacks as cyber-criminals target small businesses. For the Average Hacker, Your Small Business Is an Ideal Target .
Vulnerability detail: Improper Restriction of Operations within the Bounds of a Memory Buffer. And therefore causes vulnerability encounter on Management Interface to trigger Remote Command Execution.
Don’t become a botnet soldier!
Cisco has released free software updates that address the vulnerability described in this advisory. For more information, please refer to the URL:
Preface: As of December 2017, PHP makes up over 83% of server side languages used on the internet. As of today, PHP looks running strong because a large amount of users, applications and also legacy applications.
CVE-2019-9025: PHP mb_split() Function Invalid Multibyte String Vulnerability
Impact: A successful exploit could cause buffer over-read and over-write conditions
Preface: Linux-based airline seat-back entertainment system won the market since 2007.
Background: Seat back entertainment system including Wi-Fi, movies and television shows, games and music. Some of it is built into an airline’s fleet, and some have options where you can bring your own devices and access in-flight entertainment options.
Vulnerability details: A buffer overflow vulnerability found in British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft. The system cannot not local attacker exploit USB charging/data-transfer feature conducting cyber attack.
Impact: Trigger a chat app Buffer overflow or other unknown impact.
Comment: Panasonic IFE systems cover large scale of market. However the vulnerabilities found in past has similarity with existing one. The risks are given out from USB port. Since Panasonic product capabilities can provides advanced functions and features. So, we would urge vendor to hardening the cyber security of their products.
Preface: We heard close encounter of the 3rd kind. But tons of news report that people discovered UFO in the sky.
Historical background: 1942, over Los Angeles, California.Initially, the target of the aerial barrage was thought to be an attacking force from Japan, but Secretary of the Navy Frank Knox, speaking at a press conference shortly afterward, called the incident a “false alarm.” A small number of modern-day UFO experts say the targets were extraterrestrial spacecraft.
Nazi Bell not a myth: The Nazi Bell uncover by Igor Witkowski , a Polish former journalist.
Synopsis: We heard the rumors that Nazi Bell are able to fly in light speed, capable to go to worm hole. In short they can provide a time traveler function. As a matter of fact, I speculate that Nazi leader has doubt why UFO allow non-stop flying. As we know, during world world II nuclear power for energy not found yet. As a result, The objective of Hitler keen to design a nuclear power energy aircraft. Attached picture is my draft based on my understanding.
Should you have interested of above item, please refer below url.
Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS Vulnerability – CVE-2019-5727
NVD Published Date: 02/20/2019
Preface: SIEM can enforce your cyber security protection meanwhile it is the potential target by hacker.
Synopsis: So far Splunk did a remarkable analytic function. Furthermore SIEM product itselfs have their baseline protection feature. From technical point of view, it is not recommend apply WAF function to monitor their activities. Perhaps WAF will be provide large volume of false positive alarm thus interrupt SIEM functions. Therefore how to conduct management control in SIEM will be the major focus by cyber security expert.
Vulnerability found on Splunk: A Web Persistent Cross-Site Scripting Vulnerability occurs.
Impact: A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface.
Preface: The Domain Name System (DNS) was standardized 30 years ago by IETF (RFC1034 and RFC1035). An additional standard, EDNS (RFC2671) was published in 1999 and updated in 2013 (RFC6891).
Synopsis: As time goes by, EDNS, gained importance with the wide deployment of DNSSEC, among others, which has become an essential part of the DNS protocol. Since the nonconformity of the software code especially of the DNS software vendors.There are different workarounds on DNS software vendors. Meanwhile it is hard to avoid vulnerability occurs.
Preface: SQLAlchemy is an open-source SQL toolkit and object-relational mapper (ORM) for the Python programming language released under the MIT License.
Who is their customer? SQLAlchemy is used by organizations such as: Yelp! reddit DropBox The OpenStack Project Survey Monkey
Modern programming languages are almost all object-oriented. While most object-oriented languages offer developer benefits such as componentization of code, ease of maintenance, possibility of reuse. This is the fact that they need for an OR mapper.
Vulnerability detail: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
Remedy: SQLAlchemy has released a software updates at the following link:
Preface: Many companies do not plan to use the Microsoft IIS web server until MS SharePoint is born.
MS SharePoint baseline design: If you decide to use SharePoint, IIS web server will be work with you forever. Indeed that SharePoint products are popular. And such away let people forget about IIS web server weakness. Perhaps most of the design architect conduct the preventive control to avoid the risk already. They install a proxy server in front of IIS.
Doubt: If you have proxy server in front of IIS web server. Do you jeopardize by this vulnerability? Perhaps your proxy will be reduce the risk. But for the long run. Schedule to do the patching.
Below is the official announcement by Microsoft. ADV190005 – Guidance to adjust HTTP/2 SETTINGS frames