Category Archives: Potential Risk of CVE

CVE-2019-6690: Improper Input Validation in python-gnupg

Preface: Python is an essential programming language for smart devices and for Internet of Things and Industry 4.0 solutions.

Technical background: When you encrypt a string with AES-128 and the encrypted output is long, the encoded result will contain \r\n. The encryption output itself is an array of 8-bit bytes, not characters; the code Base64-encodes the encrypted data with an option to insert a line break every 64 characters.

About python-gnupg: the gnupg module enables Python to use the functionality of GNU Privacy Guard (GnuPG). With this module, Python programs can create and manage keys, encrypt and decrypt data, and sign and verify.

Vulnerability detail: A design weakness due to insufficient validation of user-supplied input passed to the passphrase parameter of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The vulnerability could allow a local attacker to control or modify sensitive information on a targeted system.

Remedy: Checks were added to disallow newline-type characters in passphrases. https://github.com/vsajip/python-gnupg/commit/39eca266dd837e2ad89c94eb17b7a6f50b25e7cf#diff-88b99bb28683bd5b7e3a204826ead112
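As an added illustration (not code from python-gnupg or from the original post), the following shows where the line breaks in long Base64-encoded ciphertext come from, and a passphrase check in the spirit of the remedy that rejects newline-type characters before the value reaches gpg. The names wrap_base64, is_valid_passphrase and checked_passphrase are assumed here.

```python
import base64

# Added illustration, not python-gnupg's own code.
# wrap_base64 reproduces the layout the post describes: Base64 text broken
# into 64-character lines, each line ending in "\r\n".
def wrap_base64(raw: bytes, width: int = 64) -> str:
    b64 = base64.b64encode(raw).decode("ascii")
    return "\r\n".join(b64[i:i + width] for i in range(0, len(b64), width))

# Newline-type characters are the ones the fix disallows: the passphrase is
# handed to the gpg process as a single line, so a "\n" or "\r" ends the
# passphrase early and the text after it is no longer part of it.
NEWLINE_CHARS = ("\n", "\r")

def is_valid_passphrase(passphrase: str) -> bool:
    """True if the passphrase contains no newline-type character."""
    return not any(ch in passphrase for ch in NEWLINE_CHARS)

def checked_passphrase(passphrase: str) -> str:
    """Return the passphrase unchanged, or raise before it reaches gpg."""
    if not is_valid_passphrase(passphrase):
        raise ValueError("passphrase must not contain newline-type characters")
    return passphrase

if __name__ == "__main__":
    ciphertext = bytes(range(96))  # constructed stand-in for 96 bytes of AES output
    wrapped = wrap_base64(ciphertext)
    print(repr(wrapped))                                 # two 64-char lines joined by "\r\n"
    print(is_valid_passphrase("correct horse battery"))  # True
    print(is_valid_passphrase(wrapped))                  # False: contains "\r\n"
```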

The hospital and healthcare industry must be vigilant! vigilant! (CVE-2019-7816 – 2nd Mar 2019)

Preface: A medical software manufacturer uses Adobe ColdFusion to collect electronic clinical outcome assessment (eCOA) data more securely. A digital solutions company uses Adobe ColdFusion to help mid-market companies manage eCommerce more effectively. Some experts predicted that ColdFusion was losing the market, but it is still alive.

Critical statement of this vulnerability and its remedy:
This attack requires the ability to upload executable code to a web-accessible directory, and then execute that code via an HTTP request. Restricting requests to directories where uploaded files are stored will mitigate this attack.

Should you be interested, please refer to the official announcement below.

https://helpx.adobe.com/security/products/coldfusion/apsb19-14.html

CVE-2019-9020 PHP xmlrpc_decode() Function Invalid Memory Access Vulnerability – 27th Feb 2019

Preface: xmlrpc_decode — Decodes XML into native PHP types

Vulnerability detail: The vulnerability is due to improper input validation by the xmlrpc_decode() function of the affected software.

Impact: A successful exploit could cause a heap out-of-bounds read or read-after-free condition, which could result in a complete system compromise.

Remedy: PHP has released software updates at the following link: http://php.net/downloads.php

CVE-2019-1663 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability – 27th Feb 2019

Preface: There has been a huge rise in hack attacks as cyber-criminals target small businesses. For the average hacker, your small business is an ideal target.

Vulnerability detail: Improper restriction of operations within the bounds of a memory buffer. This weakness in the Management Interface allows an attacker to trigger Remote Command Execution.

Don’t become a botnet soldier!
Cisco has released free software updates that address the vulnerability described in this advisory.

For more information, please refer to the URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex

Critical PHP vulnerability alert – 27th Feb 2019! CVE-2019-9025 CVE-2019-9023

Preface: As of December 2017, PHP made up over 83% of server-side languages used on the internet. As of today, PHP still looks to be running strong because of its large number of users and applications, including legacy applications.

Vulnerability Details:

CVE-2019-9025: PHP mb_split() Function Invalid Multibyte String Vulnerability

Impact: A successful exploit could cause buffer over-read and over-write conditions.

Remedy: update to PHP 7.3.1 – http://php.net/downloads.php

CVE-2019-9023: PHP mbstring Regular Expression Functions Heap-Based Buffer Over-Read Vulnerability

Impact: A successful exploit could cause a heap-based buffer over-read condition.

Remedy: update to PHP 7.1.26, 7.2.14 or 7.3.1 – http://php.net/downloads.php

Public safety: CVE-2019-9019 – a design weakness in the British Airways seat-back entertainment system.

Preface: Linux-based airline seat-back entertainment systems have won the market since 2007.

Background: Seat-back entertainment systems include Wi-Fi, movies and television shows, games and music. Some are built into an airline’s fleet, and some offer options where you can bring your own device and access the in-flight entertainment options.

Vulnerability details:
A buffer overflow vulnerability was found in the British Airways Entertainment System, as installed on Boeing 777-36N(ER) and possibly other aircraft. The system cannot prevent a local attacker from exploiting the USB charging/data-transfer feature to conduct a cyber attack.

Impact: A buffer overflow in the chat app, or other unknown impact.

Comment:
Panasonic IFE systems cover a large share of the market. However, the vulnerabilities found in the past have similarities with the existing one: the risks come from the USB port. Since Panasonic products provide advanced functions and features, we would urge the vendor to harden the cyber security of their products.

Headline News: https://cyware.com/news/cve-2019-9019-affects-british-airways-entertainment-system-on-boeing-777-36nersecurity-affairs-50cf43ec

Splunk Web in Splunk has Persistent XSS Vulnerability – CVE-2019-5727

Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS Vulnerability – CVE-2019-5727

NVD Published Date: 02/20/2019

Preface: A SIEM can enforce your cyber security protection; meanwhile, it is itself a potential target for hackers.

Synopsis: So far Splunk provides remarkable analytic functions. Furthermore, SIEM products themselves have their own baseline protection features. From a technical point of view, it is not recommended to apply a WAF to monitor their activities: a WAF would likely produce a large volume of false-positive alarms and thus interrupt SIEM functions. Therefore, how to conduct management control in the SIEM will be the major focus for cyber security experts.

Vulnerability found on Splunk: a persistent cross-site scripting vulnerability in Splunk Web.

Impact: A successful exploit could allow the attacker to execute arbitrary script code in the context of the web interface.

Splunk has released a security advisory at the following link: https://www.splunk.com/view/SP-CAAAQAF

ISC Releases security updates for Bind – Feb 2019

Preface: The Domain Name System (DNS) was standardized 30 years ago by the IETF (RFC 1034 and RFC 1035). An additional standard, EDNS (RFC 2671), was published in 1999 and updated in 2013 (RFC 6891).

Synopsis: As time has gone by, EDNS has gained importance with the wide deployment of DNSSEC, among other things, and has become an essential part of the DNS protocol.
Because of nonconformity in the software code, especially from DNS software vendors, there are different workarounds across DNS software vendors, and meanwhile it is hard to avoid vulnerabilities occurring.

ISC Releases security updates for Bind:
CVE-2018-5744: A specially crafted packet can cause named to leak memory – https://kb.isc.org/docs/cve-2018-5744

CVE-2018-5745: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys – https://kb.isc.org/docs/cve-2018-5745

CVE-2019-6465: Zone transfer controls for writable DLZ zones were not effective – https://kb.isc.org/docs/cve-2019-6465

CVE-2019-7164 SQLAlchemy order_by Parameter SQL Injection Vulnerability – Feb 2019

Preface: SQLAlchemy is an open-source SQL toolkit and object-relational mapper (ORM) for the Python programming language released under the MIT License.

Who are their customers?
SQLAlchemy is used by organizations such as:
Yelp!
reddit
DropBox
The OpenStack Project
Survey Monkey

Modern programming languages are almost all object-oriented. While most object-oriented languages offer developers benefits such as componentization of code, ease of maintenance and the possibility of reuse, relational databases are not object-oriented, and this is why they need an OR mapper.

Vulnerability detail: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

Remedy:
SQLAlchemy has released software updates at the following link:

https://github.com/sqlalchemy/sqlalchemy/releases
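Added example (using the standard-library sqlite3 module, not SQLAlchemy's own code or the original post's) showing the pattern behind the order_by issue: a sort key taken verbatim from the caller is executed as SQL, whereas a value looked up in an allowlist of column names never reaches the query text. The names make_db, list_users_unsafe and list_users_safe are assumed here.

```python
import sqlite3

# Added example, not SQLAlchemy code. A constructed in-memory database stands
# in for an application's tables.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE users (id INTEGER, name TEXT, created TEXT);"
        "INSERT INTO users VALUES (1, 'bob', '2019-01-02');"
        "INSERT INTO users VALUES (2, 'alice', '2019-01-01');"
    )
    return conn

# Vulnerable pattern: whatever the caller supplies lands verbatim in ORDER BY,
# which is how a plain string passed to order_by was rendered as raw SQL.
def list_users_unsafe(conn: sqlite3.Connection, order_by: str) -> list:
    return conn.execute(f"SELECT name FROM users ORDER BY {order_by}").fetchall()

# Hardened pattern: the request value only selects from a fixed allowlist of
# column names, and the direction is a boolean, so no caller text reaches SQL.
ORDER_COLUMNS = {"id": "id", "name": "name", "created": "created"}

def list_users_safe(conn: sqlite3.Connection, order_by: str,
                    descending: bool = False) -> list:
    column = ORDER_COLUMNS.get(order_by)
    if column is None:
        raise ValueError(f"unsupported sort key: {order_by!r}")
    direction = "DESC" if descending else "ASC"
    sql = f"SELECT name FROM users ORDER BY {column} {direction}"
    return conn.execute(sql).fetchall()

if __name__ == "__main__":
    conn = make_db()
    print(list_users_safe(conn, "name"))                  # [('alice',), ('bob',)]
    # An arbitrary SQL expression is evaluated by the unsafe version ...
    print(list_users_unsafe(conn, "length(name) DESC"))   # [('alice',), ('bob',)]
    # ... but rejected before it reaches the database by the safe one.
    try:
        list_users_safe(conn, "length(name) DESC")
    except ValueError as exc:
        print(exc)
```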