All posts by admin

ISC Releases BIND Security Updates – 25th Apr 2019 (CVE-2019-6467, CVE-2019-6468 & CVE-2018-5743)

Preface: BIND runs on Linux, NetBSD, FreeBSD, OpenBSD, macOS and Windows; it is a DNS server licensed under the Mozilla Public License (ISC license before 9.11); website: www.isc.org/downloads/bind. BIND is the most widely used Domain Name System (DNS) server software.

Alert: A design limitation in BIND lets a remote attacker exploit these vulnerabilities to cause a denial-of-service condition. Official details are given at the links below:

CVE-2019-6467: https://kb.isc.org/docs/cve-2019-6467
CVE-2019-6468: https://kb.isc.org/docs/cve-2019-6468
CVE-2018-5743: https://kb.isc.org/docs/cve-2018-5743

Technical highlight: CVE-2018-5743 makes BIND's limit on simultaneous TCP clients ineffective, which can lead to exhaustion of all available file descriptors on the system. Background: when a process opens a file (or a socket), the operating system creates a kernel entry that represents the open file and stores its state; if 50 files are open, the kernel holds 50 such entries, and each process may hold only a capped number of them. Running out of descriptors may in turn expose additional, unknown vulnerabilities in named or in other services on the host.
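The practical check a BIND operator wants for this class of bug is descriptor pressure on the named process itself. The script below is an added example (not ISC code and not part of the original post): it parses the "Max open files" row of /proc/<pid>/limits, counts entries in /proc/<pid>/fd and alarms when the process nears its soft limit. It assumes a Linux host with /proc; the limits text embedded in it is a constructed sample in the /proc layout.

```python
"""Watch a BIND (named) process for file-descriptor exhaustion on Linux.

Added example, not ISC code. It assumes a Linux host with /proc; the
limits text below is constructed to mirror the /proc/<pid>/limits layout.
"""
import os

# Constructed sample of /proc/<pid>/limits for a named process.
SAMPLE_LIMITS = """\
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max open files            1024                 4096                 files
Max locked memory         65536                65536                bytes
"""


def parse_max_open_files(limits_text: str) -> tuple:
    """Return (soft, hard) from the 'Max open files' row; None means unlimited."""
    for line in limits_text.splitlines():
        if line.startswith("Max open files"):
            parts = line.split()
            # Columns: 'Max' 'open' 'files' <soft> <hard> 'files'
            soft, hard = parts[3], parts[4]
            conv = lambda v: None if v == "unlimited" else int(v)
            return conv(soft), conv(hard)
    raise ValueError("no 'Max open files' row in limits text")


def fd_pressure(open_fds: int, soft_limit, warn_ratio: float = 0.8) -> dict:
    """Compare an open-descriptor count with the soft limit and flag pressure.

    An unlimited soft limit (None) never alarms here, but the system-wide cap
    in /proc/sys/fs/file-max still exists, so treat 'unlimited' with care.
    """
    ratio = None if soft_limit is None else open_fds / soft_limit
    return {
        "open": open_fds,
        "limit": soft_limit,
        "ratio": ratio,
        "alarm": ratio is not None and ratio >= warn_ratio,
    }


def count_open_fds(pid: int) -> int:
    """Count entries in /proc/<pid>/fd (needs permission to read the directory)."""
    return len(os.listdir(f"/proc/{pid}/fd"))


def check_process(pid: int, warn_ratio: float = 0.8) -> dict:
    """Live check of one process; raises if /proc is unavailable or the pid is gone."""
    with open(f"/proc/{pid}/limits") as fh:
        soft, _hard = parse_max_open_files(fh.read())
    return fd_pressure(count_open_fds(pid), soft, warn_ratio)


if __name__ == "__main__":
    import sys
    # Usage: python fdwatch.py $(pidof named)
    pid = int(sys.argv[1]) if len(sys.argv) > 1 else os.getpid()
    print(check_process(pid))
```

Run it from cron or a monitoring agent against the pid of named; a rising ratio while the configured TCP client limit is not being enforced is the symptom this advisory describes, and it is visible well before the process starts failing accept() calls.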

Apr 2019 – A vulnerability in NTP could allow an unauthenticated, remote attacker to compromise a target system completely.

Preface: The Kiss-o'-Death packet and other NTP vulnerabilities can potentially turn back the Internet's clocks and cause unpredictable problems.

NTP vulnerability – historical record: A loophole was found in 2013. The attack relies on exploiting the 'monlist' feature of NTP, described in CVE-2013-5211, which is enabled by default on older NTP-capable devices. The command returns a list of the last 600 IP addresses that connected to the NTP server, and that reply is sent to the victim.

CVE-2019-11331 vulnerability details: The vulnerability is due to improper use of UDP port 123 by the affected software. A threat actor can send a malicious packet to the targeted system; a successful exploit could allow the attacker to conduct an off-path attack.

Remedy: NTP.org has not yet released a security advisory. Stay tuned.
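From the detection side, the monlist history above comes down to recognising NTP's private "mode 7" requests on UDP/123, which ordinary time clients never send. The script below is an added example (not NTP.org code and not from the original post): it decodes the first header byte of a payload into version and mode using the RFC 5905 layout, and for mode 7 reads ntpd's private-mode header (implementation byte and request code, where codes 20 and 42 are the two monlist requests), then lists the sources that sent such requests. The payloads and addresses are constructed samples.

```python
"""Classify NTP payloads and flag private-mode (mode 7) / monlist requests.

Added example from the defender's side, not NTP.org code. Layouts follow
RFC 5905 (modes 1-5) and ntpd's private mode 7 header; sample payloads
and source addresses below are constructed.
"""

MODE_NAMES = {
    1: "symmetric active", 2: "symmetric passive", 3: "client",
    4: "server", 5: "broadcast", 6: "control", 7: "private",
}
# Mode 7 request codes that return the "monlist" (recent peers) table.
MONLIST_CODES = {20: "MON_GETLIST", 42: "MON_GETLIST_1"}


def classify_ntp_payload(payload: bytes) -> dict:
    """Decode the header byte(s) of one UDP/123 payload."""
    if len(payload) < 4:
        return {"valid": False, "reason": "too short"}
    b0 = payload[0]
    mode = b0 & 0x07
    version = (b0 >> 3) & 0x07
    info = {"valid": True, "mode": mode, "mode_name": MODE_NAMES.get(mode, "reserved"),
            "version": version, "monlist": False}
    if mode == 7:
        # Private mode header: R|M|VN(3)|mode(3), auth|seq, implementation, request code.
        info["is_response"] = bool(b0 & 0x80)
        info["implementation"] = payload[2]
        info["request_code"] = payload[3]
        info["monlist"] = (not info["is_response"]) and payload[3] in MONLIST_CODES
    elif mode in (1, 2, 3, 4, 5) and len(payload) < 48:
        # Time-exchange packets carry a fixed 48-byte header.
        info["valid"] = False
        info["reason"] = "short time packet"
    return info


def suspicious_sources(samples) -> list:
    """Return sources that sent private-mode requests (monlist or otherwise)."""
    flagged = set()
    for src, payload in samples:
        info = classify_ntp_payload(payload)
        if info["valid"] and info["mode"] == 7 and not info.get("is_response"):
            flagged.add(src)
    return sorted(flagged)


# Constructed samples: a normal v4 client request and a mode 7 monlist request.
CLIENT_REQUEST = bytes([0x23]) + bytes(47)
MONLIST_REQUEST = bytes([0x17, 0x00, 0x03, 0x2A]) + bytes(4)
SAMPLE_TRAFFIC = [
    ("192.0.2.10", CLIENT_REQUEST),
    ("198.51.100.7", MONLIST_REQUEST),
    ("192.0.2.10", CLIENT_REQUEST),
]

if __name__ == "__main__":
    for src, payload in SAMPLE_TRAFFIC:
        print(src, classify_ntp_payload(payload))
    print("private-mode requesters:", suspicious_sources(SAMPLE_TRAFFIC))
```

Feed it payloads captured at the network edge (for instance from a packet capture of inbound UDP/123); on a server that has `noquery` in its restrict lines, any source in the flagged list is probing for an amplifier, and the server's own reply size to such requests is the thing to verify.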

Much of the Python ecosystem already uses urllib3, and it is no exception: a vulnerability has been found. CVE-2019-11324 – 23rd Apr 2019.

Preface: An IT ecosystem is "the network of organizations that drives the creation and delivery of information technology products and services."

About urllib3: Much of the Python ecosystem already uses urllib3. It brings additional features that are missing from the Python standard libraries, for instance client-side SSL/TLS verification, helpers for retrying requests and dealing with HTTP redirects, and so on.

Vulnerability details: A vulnerability in urllib3 could allow an unauthenticated, remote attacker to bypass security restrictions on a targeted system.

Findings: The vulnerability exists because the affected software mishandles CA certificates that are related to the use of the ssl_context, ca_certs, or ca_certs_dir parameters.

Remedy: Software updates at the following link: https://github.com/urllib3/urllib3/releases
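Beyond updating, the defensive habit that matters for a bug in CA handling is to build the SSLContext yourself with only the intended CA loaded, and to check the context's state before passing it as urllib3's ssl_context. The code below is an added example (not urllib3's code and not from the original post): `build_private_ca_context` deliberately never calls `load_default_certs()`, and `audit_context` reports a context that is unverified, has no CA loaded, or carries more CAs than you loaded. The CA file path is a placeholder; the audit itself needs no network or certificate file.

```python
"""Build and audit an SSLContext for use with urllib3's ssl_context parameter.

Added example, not urllib3 code. The CA file path is a placeholder; the
audit functions work on any ssl.SSLContext and need no network.
"""
import ssl


def build_private_ca_context(cafile: str) -> ssl.SSLContext:
    """Trust only the CA(s) in `cafile`; verification and hostname checks stay on.

    Note what is *not* here: no ctx.load_default_certs(), so a certificate
    that chains to the OS trust store is rejected rather than silently accepted.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + check_hostname by default
    ctx.load_verify_locations(cafile=cafile)
    return ctx


def audit_context(ctx: ssl.SSLContext, expected_ca_count=None) -> list:
    """Return a list of findings; an empty list means the context is as intended."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED")
    if not ctx.check_hostname:
        findings.append("check_hostname is disabled")
    loaded = ctx.cert_store_stats()["x509_ca"]
    if loaded == 0:
        findings.append("no CA certificates loaded; every handshake will fail verification")
    elif expected_ca_count is not None and loaded != expected_ca_count:
        findings.append(f"{loaded} CA certificates loaded, expected {expected_ca_count}")
    return findings


def weakened_context() -> ssl.SSLContext:
    """A context with verification switched off, for comparison in the audit."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before verify_mode can be relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    ctx = build_private_ca_context("/path/to/private-ca.pem")  # placeholder path
    print("private CA context:", audit_context(ctx, expected_ca_count=1))
    print("weakened context:", audit_context(weakened_context()))
    # import urllib3
    # http = urllib3.PoolManager(ssl_context=ctx)
```

The useful assertion in a deployment is the CA count: if you loaded one private CA and the audit reports dozens, something in the stack merged the OS store into your context, which is exactly the condition under which the wrong certificates start validating.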

CVE-2019-0228 Apache PDFBox XML Parser XML External Entity Vulnerability – 22nd Apr 2019

Preface: We are all familiar with the .doc and .pdf formats, because they are the formats of choice in the business world.

Synopsis: Apache PDFBox is an open source pure-Java library that can be used to create, render, print, split, merge, alter, verify and extract text and meta-data of PDF files.

Vulnerability details: A vulnerability in Apache PDFBox could allow an unauthenticated, remote attacker to conduct an XML External Entity (XXE) attack on a targeted system. Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF file.

Remedy: Apache has released software updates at the following link: https://pdfbox.apache.org/download.cgi
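The root cause named above is an XML parser that was never told to refuse DOCTYPE and entity declarations, which a form-data format like XFDF has no legitimate need for. The code below is an added example, not PDFBox code, and is written in Python rather than PDFBox's Java: it pulls form field names and values out of an XFDF document with a parser whose DOCTYPE and entity handlers abort parsing. The XFDF documents are constructed samples. In Java the equivalent gate is the parser feature `http://apache.org/xml/features/disallow-doctype-decl`.

```python
"""Extract XFDF form fields while refusing any DOCTYPE/entity declaration.

Added example, not PDFBox code and written in Python rather than Java;
the XFDF samples below are constructed.
"""
import xml.parsers.expat


class UnsafeXmlError(ValueError):
    """Raised when the document tries to declare a DOCTYPE or entities."""


def parse_xfdf_fields(xml_bytes: bytes) -> dict:
    """Return {field name: value} from an XFDF document, or raise UnsafeXmlError."""
    parser = xml.parsers.expat.ParserCreate()
    fields = {}
    state = {"field": None, "in_value": False, "buf": []}

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXmlError(f"DOCTYPE '{name}' rejected: XFDF input must not declare entities")

    def on_entity(*_args):
        raise UnsafeXmlError("entity declaration rejected")

    def on_start(tag, attrs):
        if tag == "field":
            state["field"] = attrs.get("name")
        elif tag == "value" and state["field"] is not None:
            state["in_value"], state["buf"] = True, []

    def on_chars(data):
        if state["in_value"]:
            state["buf"].append(data)

    def on_end(tag):
        if tag == "value" and state["in_value"]:
            fields[state["field"]] = "".join(state["buf"])
            state["in_value"] = False
        elif tag == "field":
            state["field"] = None

    # The two security handlers fire before any entity could be resolved.
    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.StartElementHandler = on_start
    parser.CharacterDataHandler = on_chars
    parser.EndElementHandler = on_end
    parser.Parse(xml_bytes, True)
    return fields


def is_safe_xfdf(xml_bytes: bytes) -> bool:
    """True when the document parses without a DOCTYPE; malformed XML still raises."""
    try:
        parse_xfdf_fields(xml_bytes)
        return True
    except UnsafeXmlError:
        return False


# Constructed samples: a plain XFDF form and one carrying an external entity.
SAFE_XFDF = (b'<?xml version="1.0" encoding="UTF-8"?>'
             b'<xfdf xmlns="http://ns.adobe.com/xfdf/" xml:space="preserve">'
             b'<fields><field name="email"><value>alice@example.com</value></field>'
             b'<field name="qty"><value>3</value></field></fields></xfdf>')
UNSAFE_XFDF = (b'<?xml version="1.0" encoding="UTF-8"?>'
               b'<!DOCTYPE xfdf [<!ENTITY ext SYSTEM "file:///constructed/placeholder.txt">]>'
               b'<xfdf xmlns="http://ns.adobe.com/xfdf/"><fields>'
               b'<field name="email"><value>&ext;</value></field></fields></xfdf>')

if __name__ == "__main__":
    print(parse_xfdf_fields(SAFE_XFDF))
    print("unsafe sample accepted?", is_safe_xfdf(UNSAFE_XFDF))
```

Rejecting the DOCTYPE outright is simpler and stronger than trying to distinguish harmless internal entities from external ones: it closes the external-entity path and the entity-expansion (billion laughs) path with one rule.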

RubyGems Gem Installation Arbitrary Code Execution Vulnerability – CVE-2019-8324 (Apr 2019)

Preface: In general, Ruby is a good language for game development. Apart from that, Ruby has been used by companies like Twitter, Airbnb, Shopify, GitHub, Slideshare and Basecamp.

Synopsis: RubyGems is a package manager for the Ruby programming language that provides a standard format for distributing Ruby programs and libraries (in a self-contained format called a “gem”).

Vulnerability details: CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution. For more details, please refer to the attached diagram.

Remedy: RubyGems has released software updates at the following link: https://rubygems.org/pages/download

Magento security consideration – SQL injection (Apr 2019)

Preface: When I was young, I was afraid of injection therapy. Yes, in my butt. Perhaps such circumstances also apply to software application systems!

Synopsis: Magento Commerce provides end-to-end solutions that suit clients' needs.

Vulnerability details: A vulnerability in Magento could allow an unauthenticated, remote attacker to conduct an SQL Injection attack against a targeted system. The vulnerability is due to the insufficient validation of user supplied input submitted to the affected software. An attacker could exploit this vulnerability by sending a request that submits malicious input to the targeted system.

Remediation: https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update
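"Insufficient validation of user supplied input" is the whole story of SQL injection, so here is the pattern side by side. The code below is an added example, not Magento code, and uses Python with sqlite3 rather than Magento's PHP/MySQL: the same customer lookup is written once by splicing the input into the SQL text and once with a bound parameter, with an allow-list validation step as a second, independent layer. The table contents and the test input are constructed.

```python
"""Customer lookup: string-built SQL beside the parameterized and validated forms.

Added example, not Magento code (Python/sqlite3 rather than PHP/MySQL);
the table and inputs are constructed.
"""
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customer (id INTEGER PRIMARY KEY, email TEXT, active INTEGER)")
    conn.executemany(
        "INSERT INTO customer (email, active) VALUES (?, ?)",
        [("alice@example.com", 1), ("bob@example.com", 1), ("carol@example.com", 0)],
    )
    return conn


def lookup_vulnerable(conn, email: str) -> list:
    """Insufficient validation: the value becomes part of the SQL text."""
    sql = "SELECT email FROM customer WHERE email = '%s' AND active = 1 ORDER BY email" % email
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn, email: str) -> list:
    """Parameterized: the driver sends the value separately from the SQL text."""
    sql = "SELECT email FROM customer WHERE email = ? AND active = 1 ORDER BY email"
    return [row[0] for row in conn.execute(sql, (email,))]


EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")


def is_valid_email(value: str) -> bool:
    """Allow-list check applied before the query; a second, independent layer."""
    return bool(EMAIL_RE.fullmatch(value))


def lookup_validated(conn, email: str) -> list:
    """Validate first, then query with a bound parameter."""
    if not is_valid_email(email):
        raise ValueError("rejected: input is not a plausible email address")
    return lookup_safe(conn, email)


# Constructed input: a tautology that rewrites the WHERE clause when spliced in.
TAUTOLOGY = "x' OR 'a'='a"

if __name__ == "__main__":
    db = make_db()
    print("spliced   :", lookup_vulnerable(db, TAUTOLOGY))   # leaks every active row
    print("bound     :", lookup_safe(db, TAUTOLOGY))         # matches nothing
    print("validated :", is_valid_email(TAUTOLOGY))          # rejected before any SQL
```

Note why the spliced version leaks exactly the active customers: `AND` binds tighter than `OR`, so the clause becomes `email = 'x' OR ('a'='a' AND active = 1)`. Parameterization makes the operator question moot, because the input is never parsed as SQL at all.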

GNOME WebKitGTK UIProcess Subsystem Buffer Overflow Vulnerability – Apr 2019

Preface: A browser engine is a core software component of every major web browser. Apart from "browser engine", two other terms are in common use for related concepts: "layout engine" and "rendering engine".

Synopsis:

A rendering engine is used by a web browser to render HTML pages, by mail programs that render HTML email messages, and by any other application that needs to render web page content.
WebKitGTK is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.
WebKit is the web browser engine used by Safari, Mail, App Store, and many other apps on macOS, iOS, and Linux.

Vulnerability: A vulnerability in GNOME WebKitGTK could allow an unauthenticated, remote attacker to compromise a targeted system completely. A successful exploit triggers a buffer overflow condition in the UIProcess subsystem, which is what gives the attacker that complete compromise.

Fixed Software: https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531

Remediation – Cisco IOS XR-64 Software for ASR 9000 series isolation feature vulnerability (17th Apr 2019)

Preface: One objective of aggregation services is to provision and manage a huge number of separate physical platforms. As a result, international vendors like Cisco are also transforming their physical network devices, which is why we see VM-based device OS images today.

Synopsis: In order to cope with cloud computing and container environments, the IOS XR 64-bit operating system (OS) is able to run in a virtualized environment on top of a 64-bit Linux kernel. As a result, Cisco product services can be extended.

Vulnerability details:
A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM.

Official remedy solution: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-asr9k-exr

Cisco NX-OS Software Image Signature Verification Vulnerability – Last Updated 15th Apr 2019

Preface: This advisory is part of the March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 26 vulnerabilities.

Synopsis: A digital signature (not digital certificate) is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.

Vulnerability details: A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software image on an affected device. For exploitation to succeed, the affected device must meet all of the conditions below:

  • Has a particular product ID (PID)
  • Is running an affected BIOS version
  • Is running a vulnerable release of Cisco NX-OS Software

Official announcement: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-sig-verif


Apache Releases Security Updates for Apache Tomcat – Last revised: April 15, 2019

Preface: public class CGIServlet extends javax.servlet.http.HttpServlet – the CGI-invoking servlet for web applications, used to execute scripts which comply with the Common Gateway Interface (CGI) specification.

Synopsis: Tomcat implements several Java EE specifications including Java Servlet, JavaServer Pages (JSP), Java EL, and WebSocket, and provides a “pure Java” HTTP web server environment in which Java code can run.

Vulnerability details: CVE-2019-0232 Apache Tomcat Remote Code Execution on Windows

The flaw affects Apache Tomcat on Windows. Because of a design defect around the enableCmdLineArguments option, the CGI Servlet is vulnerable to remote code execution due to a bug in the way the JRE passes command line arguments to Windows. However, the CGI Servlet is disabled by default.
Remark: enableCmdLineArguments – whether command line parameters are generated from the query string as per section 4.4 of RFC 3875. The default is false.

Official announcement at the following URL: http://mail-archives.us.apache.org/mod_mbox/www-announce/201904.mbox/%3C13d878ec-5d49-c348-48d4-25a6c81b9605%40apache.org%3E