The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: 0day

Zero-Day Vulnerability in Symantec PGP Whole Disk Encryption

Zero-Day Vulnerability in Symantec PGP Whole Disk Encryption
January 05, 2013Wang Wei
Symantec product PGP Whole Disk Encryption which is used to encrypt all the contents on the disk on a block-by-block basis having Zero-Day Vulnerability, according to a pastebin note . Note was posted on 25th Dec by Nikita Tarakanov , claiming that  pgpwded.sys kernel driver distributed with Symantec PGP Desktop contains an arbitrary memory overwrite vulnerability. Affected version of software is Symantec PGP Desktop 10.2.0 Build 2599 (up-to date). Through a blog post , Symantec confirmed that its a potential issue, but it cannot easily be exploited. Vulnerability is limited to systems running Windows XP and Windows 2003 only. An attacker would need local access to a vulnerable computer to exploit this vulnerability. Note posted by Nikita also provide technical details on the issue, that help Symantec encryption engineering team to understand the issue. " However, the exploit would be very difficult to trigger as it relies on the system entering an error condition f

Multiple MySQL database Zero-day vulnerabilities published

Multiple MySQL database Zero-day vulnerabilities published
December 03, 2012Mohit Kumar
Researcher discovered Multiple Zero-day vulnerabilities in MySQL database software including Stack based buffer overrun, Heap Based Overrun, Privilege Elevation, Denial of Service and  Remote Preauth User Enumeration. Common Vulnerabilities and Exposures (CVE) assigned as : CVE-2012-5611 — MySQL (Linux) Stack based buffer overrun PoC Zeroday CVE-2012-5612 — MySQL (Linux) Heap Based Overrun PoC Zeroday CVE-2012-5613 — MySQL (Linux) Database Privilege Elevation Zeroday Exploit CVE-2012-5614 — MySQL Denial of Service Zeroday PoC CVE-2012-5615 — MySQL Remote Preauth User Enumeration Zeroday Currently, all reported bugs are under review and most of the researchers believed that some of these can be duplicate of an existing bugs. CVE-2012-5612 and CVE-2012-5614 could cause the SQL instance to crash, according to researchers. Where as another interesting bug CVE-2012-5615 allow attacker to find out that either any username exist on the Mysql server or not by repl

Remote 0day Exploit for Tectia SSH Server released

Remote 0day Exploit for Tectia SSH Server released
December 02, 2012Mohit Kumar
Hacker @kingcope discovered critical vulnerability in Tectia SSH Server. Exploit working on SSH-2.0-6.1.9.95 SSH Tectia Server (Latest available version from www.tectia.com) that allow attacker to bypass Authentication remotely. Description :  An attacker in the possession of a valid username of an SSH Tectia installation running on UNIX (verified on AIX/Linux) can login without a password. The bug is in the "SSH USERAUTH CHANGE REQUEST" routines which are there to allow a user to change their password. A bug in the code allows an attacker to login without a password by forcing a password change request prior to authentication. Download Exploit Code : Click Here A default installation on Linux (version 6.1.9.95 of Tectia) is vulnerable to the attack. Eric Romang posted a Demo video on Youtube, hope you will like it :) Command Source : https://goo.gl/BHqWd

Adobe Reader zero-day vulnerability with modified Blackhole Exploit-Kit

Adobe Reader zero-day vulnerability with modified Blackhole Exploit-Kit
November 08, 2012Mohit Kumar
Group-IB , a Russian cybercrime investigation company has discovered a zero-day vulnerability, affects Adobe Reader X and Adobe Reader XI. The vulnerability is also included in new modified version of Blackhole Exploit-Kit , which is used for the distributing the banking Trojans (Zeus, Spyeye, Carberp, Citadel) with the help of exploitation different vulnerabilities in client-side software. The particular exploit is available in underground forums for as much as $50,000 and bug is dangerous because it permits cybercriminals to run arbitrary shellcode by bypassing the sandbox feature integrated into the more recent versions of Adobe Reader. For now this flaw is distributed only in only small circles of the underground but it has the potential for much larger post-exploitation methods. The exploit is limited to  Microsoft Windows installations of Adobe Reader and it can't be fully executed until the user closes his Web browser (or Reader). Adobe representatives said that

Bug Hunters have Windows 8 Zeroday Exploit

Bug Hunters have Windows 8 Zeroday Exploit
November 01, 2012Mohit Kumar
French security researcher firm and famous bug hunters at Vupen announced that it had already developed an exploit that could take over a Window 8 machine running Internet Explorer 10, in spite of the many significant security upgrades Microsoft built into the latest version of its operating system. Windows 8 operating system released last week, and now Microsoft itself has not been aware of security vulnerabilities available in release. " We welcome #Windows 8 with various 0Ds combined to pwn all new Win8/IE10 exploit mitigations, " Vupen posted on Twitter . Bekrar's claim follows up on his promise earlier in the month that Vupen would be ready to compromise Windows 8 immediately upon its launch: " Windows 8 will be officially released by MS on Oct 26th, we'll release to customers the 1st exploit for Win8 the same day #CoordinatedPwnage " "T he in-depth technical details of the flaws will be shared with our customers and they can use them to protect their critical infrastruc

Zero-Day Exploit released for Vulnerability in Novell ZENworks

Zero-Day Exploit released for Vulnerability in Novell ZENworks
October 19, 2012Mohit Kumar
Rapid7 researcher Juan Vazquez recently uncovered a zero-day security flaw in Novell ZENworks Asset Management 7.5. This Vulnerability ( CVE-2012-4933 ) gives access to any files with system privileges and could also allow an attacker to grab configuration parameters, including the backend credentials in clear text. ZENworks Asset Management provides a Web Console, where the user can access the data collected about network devices and edit some information. This web interface provides some maintenance calls, two of them accessible with hardcoded credentials, allowing a remote attacker to retrieve any file from the remote file system with SYSTEM privileges and to get configuration parameters from the ZENworks Asset Management including the backend credentials in clear text. The vulnerability currently remains unpatched and US CERT recommends that users implement firewall rules that will restrict access to the web interface by unauthorised users. Read here , more about e

New Internet Explorer zero-day, Can trigger malware automatically

New Internet Explorer zero-day, Can trigger malware automatically
October 15, 2012Mohit Kumar
The new zero day exploit has been discovered and being exploited in the wild. This can be used to load malicious application on victim machines running fully patched Windows XP SP3 along with the latest editions of the IE 7 and IE 8 browser and Adobe's Flash software. Eric Romang  was  examining one of the servers used to launch attacks on vulnerable Java installations in past, and he says that he has found a new zero day exploit for Microsoft's Internet Explorer web browser. He said, " I can confirm, the zero-day season is really not over yet ." AlienVault Labs researcher Jaime Blasco reported that, " the gang behind the Java attacks in August and September may be moving on: with domains used in that attack located at new IP addresses and serving up the new and more potent attacks ." As shown in above image example, the file exploit.html creates the initial vector to exploit the vulnerability and loads the flash file Moh2010.swf, which 
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.