
09-23

September 23, 2019


The Cyber WAR (Weekly Awareness Report) is an Open Source Intelligence (OSINT) resource focusing on advanced
persistent threats and other digital dangers, received by over ten thousand individuals. APTs fit into a cybercrime category
directed at both business and political targets. Attack vectors include system compromise, social engineering, and even
traditional espionage. Included are clickable links to news stories, vulnerabilities, exploits, and other industry risks.

Summary
Symantec ThreatCon Low: Basic network posture
This condition applies when there is no discernible network incident activity and no malicious
code activity with a moderate or severe risk rating. Under these conditions, only a routine
security posture, designed to defeat normal network threats, is warranted. Automated systems
and alerting mechanisms should be used.

Sophos: Last Malware

* Troj/DocDrp-NO
* Troj/DocDrp-NN
* Troj/Agent-BCQJ
* Troj/Nanoco-YP
* Troj/HawkEye-YI
* Troj/Xtbl-EI
* Troj/DocPh-IO
* Troj/Trickbo-SV
* Troj/RTFDl-AKU
* JS/Dwnldr-YVN

Sophos: Last PUAs

* XMRig Miner
* T-Rex NVIDIA GPU Miner
* LaZagne
* IStartSurfInstaller
* AirInstaller
* 4Share Downloader
* Obnovi Soft
* DealPly Updater
* ADEGrab
* Neoreklami

Interesting News
* Threat landscape for smart buildings
We decided to study the live threats to building-based automation systems and to see what malware their owners
encountered in the first six months of 2019.

* The Cyber Intelligence Report has a brand new look, and the 2019 Quarter 4 issue will be released at the beginning of October.
There are some great walkthroughs inside you shouldn't miss. We have an active Facebook group that discusses topics
ranging from computer forensics to ethical hacking and more. Join the Cyber Secrets Facebook group here. If you would
like to receive the CIR updates by email, subscribe at: CIR@informationwarfarecenter.com

Index of Sections
Current News
* Packet Storm Security
* Krebs on Security
* Dark Reading
* The Hacker News
* Security Week
* Infosecurity Magazine
* Naked Security
* Quick Heal - Security Simplified
* Threat Post

The Hacker Corner:


* Security Conferences
* Zone-H Latest Published Website Defacements

Tools & Techniques


* Packet Storm Security Latest Published Tools
* Kali Linux Tutorials
* GBHackers Analysis

Exploits and Proof of Concepts


* Packet Storm Security Latest Published Exploits
* Exploit Database Releases

Advisories
* US-Cert (Current Activity-Alerts-Bulletins)
* Symantec's Latest List
* Packet Storm Security's Latest List

Credits
Packet Storm Security

* How Google Changed The Secretive Market For The Most Dangerous Hacks In The World
* 200K Sign Petition Against Equifax Data Breach Settlement
* Facebook Suspends Tens Of Thousands Of Apps Over Privacy Issues
* Forcepoint VPN For Windows Patches Privilege Escalation Vuln
* New North Korean Malware Targeting ATMs Spotted In India
* WeWork Unsecured WiFi Exposes Documents
* Thinkful Confirms Breach
* Payment Card Thieves Hack Click2Gov Bill Paying Portals In 8 Cities
* Hotel Booking Sites Come Under Fire From Magecart
* Advanced Hackers Are Infecting IT Providers To Get At Customers
* Iowa Officials Claim Confusion Over Scope In Pen-Test Arrest
* Smart TVs, Subscription Services Leak Data To Facebook, Google
* Hotel Websites Infected With Skimmer Via Supply Chain Attack
* Medical Records For 24.3 Million Left Exposed
* New Algorithms Aim To Stamp Out Abuse On Twitter
* Poor Protocol Design For IoT Devices Fueling DDoS
* Novaestrat Exec Arrested After Ecuadorian Data Leak
* Alleged JPMorgan Hacker Set To Plead Guilty
* The Air Force Will Let Hackers Try To Hijack An Orbiting Satellite
* Gootkit Crew Left Database Exposed Without A Password
* Attackers Pose As Business Executives To Secure Security Certificates
* Personal Data From Entire 16.6M Population Of Ecuador Leaked Online
* Uber Confirms Account Takeover Vulnerability
* iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts
* 198M Records Of Prospective Auto Buyers Leaked

Krebs on Security

* Before He Spammed You, this Sly Prince Stalked Your Mailbox
* Man Who Hired Deadly Swatting Gets 15 Months
* NY Payroll Company Vanishes With $35 Million
* Patch Tuesday, September 2019 Edition
* Secret Service Investigates Breach at U.S. Govt IT Contractor
* 'Satori' IoT Botnet Operator Pleads Guilty
* Spam In your Calendar? Here's What to Do.
* Feds Allege Adconion Employees Hijacked IP Addresses for Spamming
* Phishers are Angling for Your Cloud Providers
* Ransomware Bites Dental Data Backup Firm
Dark Reading

* YouTube Creators Hit in Account Hijacking Campaign
* How Network Logging Mitigates Legal Risk
* Security 101
* 'Playing Around' with Code Keeps Security, DevOps Skills Sharp
* 7 Ways VPNs Can Turn from Ally to Threat
* HP Purchases Security Startup Bromium
* Ransomware Strikes 49 School Districts & Colleges in 2019
* WeWork's Wi-Fi Exposed Files, Credentials, Emails
* A Safer IoT Future Must Be a Joint Effort
* Edge Feature Section
* A Beginner's Guide to Microsegmentation
* Lion Air the Latest to Get Tripped Up by Misconfigured AWS S3
* Metasploit Creator HD Moore's Latest Hack: IT Assets
* California's IoT Security Law Causing Confusion
* BSIMM10 Emphasizes DevOps' Role in Software Security
* Security Pros Value Disclosure ... Sometimes
* Deconstructing an iPhone Spearphishing Attack
* Ping Identity Prices IPO at $15 per Share
* Crowdsourced Security & the Gig Economy
* The 20 Worst Metrics in Cybersecurity

The Hacker News

* Two Widely Used Ad Blocker Extensions for Chrome Caught in Ad Fraud Scheme
* Update Google Chrome Browser to Patch New Critical Security Flaws
* IT Firm Manager Arrested in the Biggest Data Breach Case of Ecuador's History
* Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month
* The Definitive RFP Templates for EDR/EPP and APT Protection
* Warning: Researcher Drops phpMyAdmin Zero-Day Affecting All Versions
* United States Sues Edward Snowden and You'd be Surprised to Know Why
* Thousands of Google Calendars Possibly Leaking Private Information Online
* 125 New Flaws Found in Routers and NAS Devices from Popular Brands
* WhatsApp 'Delete for Everyone' Doesn't Delete Media Files Sent to iPhone Users
* How Cloud-Based Automation Can Keep Business Operations Secure
* US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks
* Yikes! iOS 13 Coming Next Week With iPhone LockScreen Bypass Bug
* New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS
* WebARX — A Defensive Core For Your Website
Security Week

* 0patch Promises Support for Windows 7 Beyond January 2020
* Being CISO Is No Longer a Dead-End Job
* Use Case-Centric Threat Intelligence Requires a Considered Approach
* Wyoming Hospital's Services Disrupted by Ransomware
* Flaw Gives Hackers Remote Access to Files Stored on D-Link DNS-320 Devices
* Digital Threats Multiply Ahead of 2020 US Elections
* Google Awards $40,000 for Chrome Sandbox Escape Vulnerabilities
* Mac Malware Poses as Trading App
* Alleged Hacker Faces 154 Charges in Football Leaks Case
* Payouts From Insurance Policies May Fuel Ransomware Attacks
* Iran Denies Successful Cyber Attacks on Oil Sector
* Facebook Suspends 'Tens of Thousands' of Apps in Privacy Review
* Eight U.S. Cities Impacted in New Series of Click2Gov Breaches
* 200,000 Sign Petition Against Equifax Data Breach Settlement
* Indonesia, Malaysia Probe Lion Air Customer Data Leak
* Twitter Closes Thousands of Fake News Accounts Worldwide
* Vulnerability Patched in Forcepoint VPN Client for Windows
* France Has 'Not Changed Mind' on Rejecting Snowden Asylum
* Two Indicted in $10 Million Tech Support Fraud Scheme
* VMware Patches Six Vulnerabilities in Various Products

Infosecurity Magazine

* Twitter Culls 10,000 More State-Sponsored Accounts
* Thinkful Resets Passwords After Data Breach Exposes Coders
* Facebook Suspends Tens of Thousands of Apps
* City of Los Angeles Teams Up with IBM to Fight Cybercrime
* WeWork's WiFi Security Worryingly Weak
* US Air Force Invites Bids for $95m Cybersecurity Contract
* Republicans U-Turn to Back $250m Election Security Boost
* Senior Execs Shun Cyber Risk as Concerns Grow
* Duo Indicted in $10m Tech Support Scam Case
* MITRE Names 2019's Most Dangerous Software Errors
* Vacationers Hit by Skimming Attack
* Study Reveals Most Expensive State for Cyber Insurance
Naked Security

* Google pulls more fake adblockers from Chrome Web Store
* Investors accuse FedEx of lying, stock dumping after NotPetya attack
* Could EarEcho change the way we authenticate our phones?
* Two charged with tech-support scamming the elderly for $10m
* WannaCry - and why it never went away
* Monday review - the hot 22 stories of the week
* Server-squashing zero-day published for phpMyAdmin tool
* IBM's new 53-qubit quantum 'mainframe' is live in the cloud
* Report: Use of AI surveillance is growing around the world
* Facebook Libra rejected by France as "dangerous"

Quick Heal - Security Simplified

* Trivia! 5 things you never imagined could be hacked by cyber criminals
* The Free Mobile Anti-virus you are using can be a Fake!
* Teacher's Day Special - Things that teachers must know about their students to make them cyber safe
* PowerShell: Living off the land!
* Cybersquatting and Typosquatting victimizing innocent customers and brands
* Phishers using custom 404 Not Found error page to steal Microsoft credentials
* Alert! 27 apps found on Google Play Store that prompt you to install Fake Google Play Store
* Alert! Income tax refund SMS - Newest way of conducting bank fraud by cyber criminals
* Android based IoT devices with open ADB port inviting easy attacks by Crypto-miners
* MegaCortex Returns…

Threat Post

* Google Assistant Audio Privacy Controls Updated After Outcry
* 200K Sign Petition Against Equifax Data Breach Settlement
* Facebook Removed Tens of Thousands of Apps Post-Cambridge Analytica
* Forcepoint VPN Client is Vulnerable to Privilege Escalation Attacks
* News Wrap: Emotet's Return, U.S. Vs. Snowden, Physical Pen Testers Arrested
* Mattress Company Leaks Data Records of 387K Customers
* Payment Card Breach Hits 8 Cities Using Vulnerable Bill Portal
* Microsoft Silent Update Torpedoes Windows Defender
* These Hacks Require Literally Sneaking in the Backdoor
* Smart TVs, Subscription Services Leak Data to Facebook, Google
The Hacker Corner
Conferences

* Advertising Landing Page Copy/Form
* Apply: FREE 6 Month InfoSec Speaking Plan
* How To Speak At DEF CON
* Join Our LinkedIn Group
* Upcoming Cybersecurity Conferences in the United States & Canada
* Upcoming Cybersecurity Conferences in Europe
* 29 Amazing TED Cybersecurity Talks (2008 - 2020)
* 7 Proven Ideas for Your InfoSec Conference Delegate Acquisition Strategy
* An Interview with Jack Daniel: Co-Founder of BSides!

Latest Website Defacements

Tools & Techniques
Packet Storm Security Tools Links

* Wireshark Analyzer 3.0.5
* Web-Based Firewall Logging Tool 1.1.2
* TOR Virtual Network Tunneling Tool 0.4.1.6
* Packet Fence 9.1.0
* Wireshark Analyzer 3.0.4
* OpenSSL Toolkit 1.1.1d
* Wapiti Web Application Vulnerability Scanner 3.0.2
* SQLMAP - Automatic SQL Injection Tool 1.3.9
* SSLsplit 0.5.5
* Bro Network Security Monitor 2.6.4

Kali Linux Tutorials

* Dr_Robot : Tool Used To Enumerate The Subdomains Associated With A Company
* FudgeC2 : A Collaborative C2 Framework For Purple-Teaming Written In Python3, Powershell & .NET
* Aura Botnet : A Super Portable Botnet Framework With A Django-Based C2 Server
* Stardox : Github Stargazers Information Gathering Tool
* Act Platform : Open Platform For Collection & Exchange Of Threat Intelligence Information
* PrivExchange : Exchange Your Privileges For Domain Admin Privs By Abusing Exchange
* PostShell - Post Exploitation Bind/Backconnect Shell
* TinkererShell : A Simple Python Reverse Shell
* DetExploit : OSS Vulnerability Scanner for Windows Platform
* Stegify : Go Tool For LSB Steganography,Capable Of Hiding Any File Within An Image

GBHackers Analysis

* Top 7 Vulnerability Database Sources to Trace New Vulnerabilities
* CWE Top 25 (2019) - List of Top 25 Most Dangerous Software Weakness that Developers Need to Focus
* Vulnerability in Exim Mail Server Let Hackers Gain Root Access Remotely From 5 Million Email Servers
* Twitter CEO Jack Dorsey Account Hacked using Sim Swapping Attack
* A Critical Vulnerability in Tesla Model S Let Hackers Clone The Car Key Within 2 Seconds & Steal Car
Proof of Concept (PoC) & Exploits
Packet Storm Security

* Dokeos 1.8.6.1 / 1.8.6.3 Arbitrary File Upload
* Palo Alto Networks Cross Site Request Forgery
* Hisilicon HiIpcam V100R003 Remote ADSL Credential Disclosure
* LayerBB 1.1.3 Cross Site Request Forgery
* GOautodial 4.0 Cross Site Scripting
* DIGIT CENTRIS 4 ERP SQL Injection
* Western Digital My Book World II NAS 1.02.12 Hardcoded Credential
* macOS 18.7.0 Kernel Local Privilege Escalation
* Hospital-Management 1.26 SQL Injection
* Oracle Mojarra JSF / Eclipse Mojarra JSF 2.2 / 2.3 Cross Site Scripting
* Google Chrome Password Disclosure
* Microsoft Windows Internet Settings Security Feature Bypass
* V8 Map Migration Type Confusion
* LastPass Credential Leak From Previous Site
* Inteno IOPSYS Gateway 3DES Key Extraction Improper Access
* docPrint Pro 8.0 SEH Buffer Overflow
* AppXSvc 17763.1.amd64fre.rs5_release.180914-1434 Privilege Escalation
* Master Data Online Cross Site Request Forgery / Data Tampering
* Webmin 1.920 Remote Code Execution
* College-Management-System 1.2 Authentication Bypass
* Ticket-Booking 1.4 Authentication Bypass
* Piwigo 2.9.5 Cross Site Request Forgery / Cross Site Scripting
* phpMyAdmin 4.9.0.1 Cross Site Request Forgery
* Dolibarr ERP-CRM 10.0.1 Cross Site Scripting
* Folder Lock 7.7.9 Denial Of Service
Exploit Database

* [remote] HPE Intelligent Management Center
* [webapps] Gila CMS
* [remote] Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure
* [webapps] LayerBB
* [webapps] GOautodial 4.0 - 'CreateEvent' Persistent Cross-Site Scripting
* [webapps] DIGIT CENTRIS 4 ERP - 'datum1' SQL Injection
* [local] macOS 18.7.0 Kernel - Local Privilege Escalation
* [webapps] Western Digital My Book World II NAS 1.02.12 - Authentication Bypass / Command Execution
* [webapps] Hospital-Management 1.26 - 'fname' SQL Injection
* [webapps] CollegeManagementSystem-CMS 1.3 - 'batch' SQL Injection
* [local] docPrint Pro 8.0 - SEH Buffer Overflow
* [webapps] Symantec Advanced Secure Gateway (ASG) / ProxySG - Unrestricted File Upload
* [remote] Inteno IOPSYS Gateway - Improper Access Restrictions
* [local] AppXSvc - Privilege Escalation
* [webapps] College-Management-System 1.2 - Authentication Bypass
* [webapps] Ticket-Booking 1.4 - Authentication Bypass
* [webapps] LimeSurvey 3.17.13 - Cross-Site Scripting
* [webapps] phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery
* [webapps] Dolibarr ERP-CRM 10.0.1 - 'User-Agent' Cross-Site Scripting
* [dos] Folder Lock 7.7.9 - Denial of Service
* [dos] Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts
* [dos] Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts
* [webapps] eWON Flexy - Authentication Bypass
* [webapps] AVCON6 systems management platform - OGNL Remote Command Execution
* [local] Windows 10 - UAC Protection Bypass Via Windows Store (WSReset.exe) and Registry (Metasploit)
Advisories
US-Cert Alerts & bulletins

* AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability
* AA19-122A: New Exploits for Unsecure SAP Systems
* AA19-024A: DNS Infrastructure Hijacking Campaign
* Vulnerability Summary for the Week of September 16, 2019
* Vulnerability Summary for the Week of September 9, 2019
* Vulnerability Summary for the Week of September 2, 2019

Symantec - Latest List

* Microsoft .NET Core CVE-2019-1301 Denial of Service Vulnerability
* Microsoft Windows CVE-2019-1215 Local Privilege Escalation Vulnerability
* Microsoft Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
* Microsoft SharePoint CVE-2019-1296 Remote Code Execution Vulnerability
* Microsoft Team Foundation Server CVE-2019-1305 Cross Site Scripting Vulnerability
* Microsoft Excel CVE-2019-1297 Remote Code Execution Vulnerability
* Microsoft SharePoint CVE-2019-1295 Remote Code Execution Vulnerability
* Microsoft Windows Secure Boot CVE-2019-1294 Local Security Bypass Vulnerability
* Microsoft Windows LNK CVE-2019-1280 Remote Code Execution Vulnerability
* Microsoft Winlogon CVE-2019-1268 Local Privilege Escalation Vulnerability
* Microsoft Compatibility Appraiser CVE-2019-1267 Local Privilege Escalation Vulnerability
* Microsoft Exchange Server CVE-2019-1266 Spoofing Vulnerability
* Microsoft Yammer CVE-2019-1265 Security Bypass Vulnerability
* Microsoft Office CVE-2019-1264 Security Bypass Vulnerability
* Microsoft Excel CVE-2019-1263 Information Disclosure Vulnerability
* Microsoft Office SharePoint CVE-2019-1262 Cross Site Scripting Vulnerability
* Microsoft SharePoint CVE-2019-1261 Spoofing Vulnerability
* Microsoft SharePoint CVE-2019-1260 Remote Privilege Escalation Vulnerability
* Microsoft SharePoint CVE-2019-1259 Spoofing Vulnerability
* Microsoft SharePoint CVE-2019-1257 Remote Code Execution Vulnerability
* Microsoft Windows Text Service Framework CVE-2019-1235 Local Privilege Escalation Vulnerability
* Microsoft Exchange CVE-2019-1233 Remote Denial of Service Vulnerability
* Microsoft Windows Diagnostics Hub CVE-2019-1232 Local Privilege Escalation Vulnerability
* Microsoft Rome SDK CVE-2019-1231 Information Disclosure Vulnerability
* Microsoft ASP.NET Core CVE-2019-1302 Remote Privilege Escalation Vulnerability
* Microsoft Lync CVE-2019-1209 Information Disclosure Vulnerability
Packet Storm Security - Latest List

Red Hat Security Advisory 2019-2809-01
Red Hat Security Advisory 2019-2809-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues
addressed include null pointer and use-after-free vulnerabilities.
Red Hat Security Advisory 2019-2781-01
Red Hat Security Advisory 2019-2781-01 - Red Hat Satellite is a system management solution that allows
organizations to configure and maintain their systems without the necessity to provide public Internet access to
their servers or other client systems. It performs provisioning and configuration management of predefined
standard operating environments. A TLS man-in-the-middle vulnerability has been addressed.
Red Hat Security Advisory 2019-2782-01
Red Hat Security Advisory 2019-2782-01 - Red Hat Satellite is a system management solution that allows
organizations to configure and maintain their systems without the necessity to provide public Internet access to
their servers or other client systems. It performs provisioning and configuration management of predefined
standard operating environments. A TLS man-in-the-middle vulnerability has been addressed.
Red Hat Security Advisory 2019-2837-01
Red Hat Security Advisory 2019-2837-01 - The kernel packages contain the Linux kernel, the core of any Linux
operating system. Issues addressed include denial of service and null pointer vulnerabilities.
Red Hat Security Advisory 2019-2789-01
Red Hat Security Advisory 2019-2789-01 - Jenkins is a continuous integration server that monitors executions
of repeated jobs, such as building a software project or jobs run by cron. Issues addressed include a cross site
request forgery vulnerability.
Red Hat Security Advisory 2019-2836-01
Red Hat Security Advisory 2019-2836-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems,
written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the
maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues
addressed include an out of bounds write vulnerability.
Debian Security Advisory 4526-1
Debian Linux Security Advisory 4526-1 - It was discovered that OpenDMARC, a milter implementation of
DMARC, is prone to a signature-bypass vulnerability with multiple From: addresses.
Debian Security Advisory 4527-1
Debian Linux Security Advisory 4527-1 - Multiple security issues were found in PHP, a widely-used open
source extension and the iconv_mime_decode_headers() function could result in information disclosure or
denial of service.
Debian Security Advisory 4528-1
Debian Linux Security Advisory 4528-1 - Daniel McCarney discovered that the BIRD internet routing daemon
incorrectly validated RFC 8203 messages in its BGP daemon, resulting in a stack buffer overflow.
Red Hat Security Advisory 2019-2829-01
Red Hat Security Advisory 2019-2829-01 - The kernel packages contain the Linux kernel, the core of any Linux
operating system. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2019-2830-01
Red Hat Security Advisory 2019-2830-01 - The kernel-rt packages provide the Real Time Linux Kernel, which
enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a
buffer overflow vulnerability.
Red Hat Security Advisory 2019-2827-01
Red Hat Security Advisory 2019-2827-01 - The kernel packages contain the Linux kernel, the core of any Linux
operating system. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2019-2828-01
Red Hat Security Advisory 2019-2828-01 - The kernel-rt packages provide the Real Time Linux Kernel, which
enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a
buffer overflow vulnerability.
Red Hat Security Advisory 2019-2822-01
Red Hat Security Advisory 2019-2822-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems,
written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the
maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues
addressed include an out of bounds write vulnerability.
VMware Security Advisory 2019-0013
VMware Security Advisory 2019-0013 - VMware ESXi and vCenter Server updates address command injection
and information disclosure vulnerabilities.
VMware Security Advisory 2019-0014
VMware Security Advisory 2019-0014 - VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates
address use-after-free and denial of service vulnerabilities.
Red Hat Security Advisory 2019-2799-01
Red Hat Security Advisory 2019-2799-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP,
POP3 and IMAP protocols, with a focus on high concurrency, performance and low memory usage. Issues
addressed include a denial of service vulnerability.
Debian Security Advisory 4525-1
Debian Linux Security Advisory 4525-1 - Simon McVittie reported a flaw in ibus, the Intelligent Input Bus. Due
to a misconfiguration during the setup of the DBus, any unprivileged user could monitor and send method calls
to the ibus bus of another user, if able to discover the UNIX socket used by another user connected on a
graphical environment. The attacker can take advantage of this flaw to intercept keystrokes of the victim user or
modify input related configurations through DBus method calls.
Red Hat Security Advisory 2019-2807-01
Red Hat Security Advisory 2019-2807-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This
update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and
use-after-free vulnerabilities.
Red Hat Security Advisory 2019-2805-01
Red Hat Security Advisory 2019-2805-01 - The systemd packages contain systemd, a system and service
manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism
capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and
keeps track of processes using Linux cgroups. An insufficient input validation issue was addressed.
Red Hat Security Advisory 2019-2806-01
Red Hat Security Advisory 2019-2806-01 - Ruby is an extensible, interpreted, object-oriented, scripting
language. It has features to process text files and to perform system management tasks. Issues addressed
include a code execution vulnerability.
Red Hat Security Advisory 2019-2808-01
Red Hat Security Advisory 2019-2808-01 - The kernel packages contain the Linux kernel, the core of any Linux
operating system. A page cache side channel attack issue was addressed.
Red Hat Security Advisory 2019-2798-01
Red Hat Security Advisory 2019-2798-01 - The patch program applies diff files to originals. The diff command
is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the
original file can then use the patch command with the diff file to add the changes to their original file. Issues
addressed include a code execution vulnerability.
Red Hat Security Advisory 2019-2773-01
Red Hat Security Advisory 2019-2773-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This
update upgrades Thunderbird to version 60.9.0. Issues addressed include cross site scripting and
use-after-free vulnerabilities.
