Aggregator

A vulnerability was found in Citrix Storefront Server. It has been rated as critical. Affected by this issue is some unknown functionality of the component XML Data Handler. The manipulation leads to xml external entity reference. This vulnerability is handled as CVE-2019-13608. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Device and classified as problematic. This issue affects some unknown processing of the component SIMalliance Toolbox Browser. The manipulation as part of SMS Message leads to improper privilege management. The identification of this vulnerability is CVE-2019-16256. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in D-Link DNS-320 up to 2.05.B10. This issue affects some unknown processing of the file login_mgr.cgi of the component CGI Script. The manipulation leads to os command injection. The identification of this vulnerability is CVE-2019-16057. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in vBulletin up to 5.5.4. It has been classified as critical. This affects an unknown part of the file ajax/render/widget_php. The manipulation of the argument widgetConfig[code] as part of Parameter leads to code injection. This vulnerability is uniquely identified as CVE-2019-16759. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Exim 4.92.0/4.92.1/4.92.2. It has been classified as critical. Affected is the function string_vformat of the file string.c of the component EHLO Command Handler. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2019-16928. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft Windows up to Server 2019 and classified as critical. This issue affects some unknown processing of the component Authentication Request Handler. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2019-1322. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Oracle Argus Insight. It has been rated as critical. Affected by this issue is some unknown functionality of the component Core. The manipulation leads to deserialization. This vulnerability is handled as CVE-2019-18935. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Nagios XI up to 5.6.5. Affected by this issue is some unknown functionality of the file profile.php?cmd=download of the component Web Interface. The manipulation leads to command injection. This vulnerability is handled as CVE-2019-15949. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Zoho ManageEngine ServiceDesk Plus up to 10.0. It has been classified as critical. Affected is an unknown function of the component Login Page. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2019-8394. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

HackerNews 编译，转载请注明出处： 亚马逊宣布了针对 Redshift 的关键安全增强功能，Redshift 是一种受欢迎的数据仓库解决方案，这些增强功能旨在防止因配置错误和不安全的默认设置导致的数据泄露。 Redshift 被企业广泛用于商业智能和大数据分析，与 Google BigQuery、Snowflake 和 Azure Synapse Analytics 竞争。它因其在处理PB级数据时的效率和性能、可扩展性以及成本效益而受到重视。 然而，配置不当和宽松的默认设置导致了大规模数据泄露事件，例如 2022 年 10 月的 Medibank 勒索软件事件，据报道该事件涉及对公司 Redshift 平台的访问。 上周，AWS 宣布将为新创建的预配置集群实施三项安全默认设置，以显著提升平台的数据安全性，并最大限度地减少灾难性数据泄露的可能性。 第一项措施是默认限制新集群的公共访问，将其限制在用户的虚拟私有云（VPC）内，并防止直接外部访问。如果需要公共访问，必须明确启用，并建议用户使用安全组和网络访问控制列表（ACL）来限制访问。 第二项更改是默认为所有集群启用加密，以确保即使未授权访问也不会导致数据泄露。用户现在必须指定一个加密密钥，否则集群将使用 AWS 所有的密钥管理服务（KMS）密钥进行加密。依赖未加密集群进行数据共享的用户必须确保生产和消费集群都已加密。未能调整这些工作流程可能会在更改生效时导致中断。 第三项更改是默认为所有新集群和恢复的集群强制使用安全 SSL（TLS）连接，以防止数据拦截和“中间人”攻击。使用自定义参数组的用户被鼓励手动启用 SSL 以增强安全性。 需要注意的是，这些更改将影响新创建的预配置集群、无服务器工作组和恢复的集群，因此现有设置不会立即受到影响。然而，AWS 建议客户根据需要审查和更新其配置，以符合新的安全默认设置，避免运营中断。 “我们建议所有 Amazon Redshift 客户审查他们当前的配置，并考虑在他们的应用程序中实施新的安全措施，”公告中写道。“这些安全增强功能可能会对依赖公共访问、未加密集群或非 SSL 连接的现有工作流程产生影响。” 寻求指导和支持的客户被要求阅读在线“管理指南”或联系 AWS 支持。   消息来源：Bleeping Computer, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability, which was classified as critical, has been found in Sonatype Nexus Repository Manager up to 3.14.x. This issue affects some unknown processing of the component Access Control. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2019-7238. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in LG N1A1 NAS 3718.510 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation as part of Parameter leads to command injection. This vulnerability is known as CVE-2018-14839. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Citrix SD-WAN and Netscaler SD-WAN. This affects an unknown part. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2019-12991. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.1.16. It has been classified as critical. Affected is an unknown function of the file kernel/ptrace.c. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2019-13272. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Webmin up to 1.920. It has been declared as critical. This vulnerability affects unknown code of the file password_change.cgi. The manipulation of the argument old as part of Parameter leads to command injection. This vulnerability was named CVE-2019-15107. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Docker Desktop Community Edition up to 2.1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file docker-credential-wincred.exe. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2019-15752. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Kaseya VSA RMM and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2018-20753. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in DotNetNuke 9.2.0/9.2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to inadequate encryption strength. This vulnerability is known as CVE-2018-15811. The attack can be launched remotely. Furthermore, there is an exploit available.

🎉🎉🎉

🎉🎉🎉