Cisco Integrated Management Controller Buffer Overflow Vulnerability

A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and execute arbitrary commands with root privileges on an affected device.

The vulnerability is due to improper bounds checking by the import-config process. An attacker could exploit this vulnerability by sending malicious packets to an affected device. When the packets are processed, an exploitable buffer overflow condition may occur. A successful exploit could allow the attacker to execute arbitrary code on the affected device with elevated privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190821-imc-bo

Security Impact Rating: High

CVE: CVE-2019-1871


Cisco Nexus 9000 Series ACI Mode Switch Software Link Layer Discovery Protocol Buffer Overflow Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges.

The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges.

Note: This vulnerability cannot be exploited by transit traffic through the device; the crafted packet must be targeted to a directly connected interface.
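The advisory does not say which TLV or which check was at fault. As an added example (not Cisco code, and not taken from the advisory), this is the length validation any LLDP TLV walker needs before copying a value: the 9-bit length is checked against the bytes actually received and against the destination buffer. The function name, error codes and sample frames are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { LLDP_TLV_END = 0, LLDP_TLV_SYSTEM_NAME = 5 };   /* IEEE 802.1AB TLV types */
enum { LLDP_TRUNCATED = -1, LLDP_TOO_LONG = -2, LLDP_NO_END = -3 }; /* hypothetical codes */

/* Constructed LLDPDUs (bytes after the Ethernet header), not captured traffic. */
static const uint8_t good_pdu[] = {
    0x02, 0x07, 0x04, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, /* Chassis ID, len 7  */
    0x04, 0x03, 0x05, 'e', '1',                           /* Port ID, len 3     */
    0x06, 0x02, 0x00, 0x78,                               /* TTL, len 2         */
    0x0A, 0x04, 's', 'w', '0', '1',                       /* System Name, len 4 */
    0x00, 0x00 };                                         /* End of LLDPDU      */
/* System Name header claims 511 bytes of value; only 2 follow. */
static const uint8_t bad_pdu[] = { 0x0B, 0xFF, 's', 'w' };

/* Copy the System Name TLV into out (NUL-terminated); return its length or an LLDP_* error. */
int lldp_system_name(const uint8_t *pdu, size_t pdu_len, char *out, size_t out_cap)
{
    size_t off = 0;
    int name_len = 0;
    if (out_cap == 0) return LLDP_TOO_LONG;
    out[0] = '\0';
    while (pdu_len - off >= 2) {                 /* a 2-byte TLV header must fit */
        unsigned hdr  = ((unsigned)pdu[off] << 8) | pdu[off + 1];
        unsigned type = hdr >> 9;                /* upper 7 bits */
        size_t   len  = hdr & 0x1FF;             /* lower 9 bits, 0..511 */
        off += 2;
        if (len > pdu_len - off)                 /* claimed length vs bytes received */
            return LLDP_TRUNCATED;
        if (type == LLDP_TLV_END)
            return name_len;
        if (type == LLDP_TLV_SYSTEM_NAME) {
            if (len >= out_cap)                  /* value plus NUL must fit in out */
                return LLDP_TOO_LONG;
            memcpy(out, pdu + off, len);
            out[len] = '\0';
            name_len = (int)len;
        }
        off += len;                              /* stays <= pdu_len: checked above */
    }
    return off == pdu_len ? LLDP_NO_END : LLDP_TRUNCATED;
}

int main(void)
{
    char name[64];
    return lldp_system_name(good_pdu, sizeof good_pdu, name, sizeof name) == 4 ? 0 : 1;
}
```

Rejecting a frame with no End of LLDPDU TLV is a strictness choice made in this example.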

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo

Security Impact Rating: High

CVE: CVE-2019-1901


Question regarding the Windows registry key value after installing VDA: HKLM\System\CurrentControlSet\Control\Session Manager, the name of the key is “Global Flag”

Question:-

Why does the value of “Global Flag” under “HKLM/System/CurrentControlSet/Control/Session Manager” change to 400 after Citrix Virtual Desktop agent is installed?

Answer:-

The value 400 for Global Flag inside HKLM/System/CurrentControlSet/Control/Session Manager enables pool tagging, which is used for debugging and tracking memory usage.

We can track a memory block with this tag. The tag is set when we allocate memory, so it is built into the code to do this.

We can turn it on/off with gflags values; however, if there is ever a problem, we will have to turn it on to get the memory usage tracked in a dump or other diagnostic tool. It is not something to worry about.

It is more of a debugging convenience for us: in the event that memory gets stomped on, we will have a better idea of where the memory came from.

We can also locate memory leaks more easily with it.


Cisco Integrated Management Controller Denial of Service Vulnerability

A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition.

The vulnerability is due to insufficient checking of an input buffer. An attacker could exploit this vulnerability by passing a crafted file to the affected system. A successful exploit could inhibit an administrator’s ability to access the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-imc-frmwr-dos

Security Impact Rating: Medium

CVE: CVE-2019-1630


Finding the Sweet Spot When It Comes to Your Server Refresh Cycle

Nothing lasts forever. Despite the rumors, even Twinkies have a limited shelf life. Which is why the server refresh cycle is so important for organizations today. Servers don’t last forever, and waiting too long to replace can result in downtime and put your core business functions at risk. But on the flip side, if you refresh too soon and for the wrong reasons, it could be a costly decision that eats up most of your IT budget.

So How Do You Find That Server Refresh “Sweet Spot”?

When it comes to server refresh, there are plenty …

Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary code as root.

The vulnerability is due to incorrect input validation in the NX-API feature. An attacker could exploit this vulnerability by sending a crafted HTTP or HTTPS request to an internal service on an affected device that has the NX-API feature enabled. A successful exploit could allow the attacker to cause a buffer overflow and execute arbitrary code as root.

Note: The NX-API feature is disabled by default.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-api-ex

This advisory is part of the March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 26 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: March 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2019-1605


Disk Caching


Hi,

May I know where I can check the disk used for caching on MACH5? And also have a report on the websites already cached on the appliance? And also the size of disk reserve for caching.

Thank you,

Arnel De la Cruz 
