#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

directory traversal vulnerability | Breaking Cybersecurity News | The Hacker News

Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V

Reverse RDP Attack Also Enables Guest-to-Host Escape in Microsoft Hyper-V
Aug 07, 2019
Remember the Reverse RDP Attack ? Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft's Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely. (You can find details and a video demonstration for this security vulnerability, along with dozens of critical flaws in other third-party RDP clients, in a previous article written by Swati Khandelwal for The Hacker News.) At the time when researchers responsibly reported this path-traversal issue to Microsoft, in October 2018, the company acknowledged the issue, also known as " Poisoned RDP vulnerability ," but decided not to address it. Now, it turns out that Microsoft silently patched this vulnerability  (CVE-2019-0887) just last month as part of its July Patch Tuesday updates after Eyal Itkin, security researcher at CheckPoint, found the same issue affecting Microsoft's Hyper-V technology as well. Microsoft

Severe RCE Flaw Disclosed in Popular LibreOffice and OpenOffice Software

Severe RCE Flaw Disclosed in Popular LibreOffice and OpenOffice Software
Feb 05, 2019
It's 2019, and just opening an innocent looking office document file on your system can still allow hackers to compromise your computer. No, I'm not talking about yet another vulnerability in Microsoft Office, but in two other most popular alternatives— LibreOffice and Apache OpenOffice —free, open source office software used by millions of Windows, MacOS and Linux users. Security researcher Alex Inführ has discovered a severe remote code execution (RCE) vulnerability in these two open source office suites that could be triggered just by opening a maliciously-crafted ODT (OpenDocument Text) file. The attack relies on exploiting a directory traversal flaw, identified as CVE-2018-16858, to automatically execute a specific python library bundled within the software using a hidden onmouseover event. To exploit this vulnerability, Inführ created  an ODT file with a white-colored hyperlink (so it can't be seen) that has an "onmouseover" event to trick victim

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

'Zip Slip' Vulnerability Affects Thousands of Projects Across Many Ecosystems

'Zip Slip' Vulnerability Affects Thousands of Projects Across Many Ecosystems
Jun 05, 2018
Security researchers at British software firm Snyk have revealed details of a critical vulnerability that affects thousands of projects across many ecosystems and can be exploited by attackers to achieve code execution on the target systems. Dubbed " Zip Slip ," the issue is an arbitrary file overwrite vulnerability that triggers from a directory traversal attack while extracting files from an archive and affects numerous archive formats, including tar, jar, war, cpio, apk, rar, and 7z. Thousands of projects written in various programming languages including JavaScript, Ruby, Java, .NET and Go—from Google, Oracle, IBM, Apache, Amazon, Spring/Pivotal, Linkedin, Twitter, Alibaba, Eclipse, OWASP, ElasticSearch, JetBrains and more—contained vulnerable codes and libraries. Went undetected for years, the vulnerability can be exploited using a specially crafted archive file that holds directory traversal filenames, which if extracted by any vulnerable code or a library, wou

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Internet-Connected Medical Washer-Disinfector Found Vulnerable to Hacking

Internet-Connected Medical Washer-Disinfector Found Vulnerable to Hacking
Mar 27, 2017
Internet-of-Things devices are turning every industry into the computer industry, making customers think that their lives would be much easier with smart devices. There are, of course, some really good reasons to connect certain devices to the Internet. For example, remotely switching on your A/C a few minutes before you enter your home, instead of leaving it blasting all day. But does everything need to be connected? Of course, not. One such example is the latest bug report at Full Disclosure, affecting an Internet-connected washer-disinfector appliance by Germany-based manufacturer Miele . The Miele Professional PG 8528 appliance, which is used in medical establishments to clean and properly disinfect laboratory and surgical instruments, is suffering from a Web Server Directory Traversal vulnerability. Jens Regel of German consultancy Schneider & Wulf has discovered the flaw ( CVE-2017-7240 ) that allows an unauthenticated, remote attacker to access directories oth

Tajikistan Domain Registrar hacked; Google, Yahoo, Twitter, Amazon also defaced

Tajikistan Domain Registrar hacked; Google, Yahoo, Twitter, Amazon also defaced
Jan 07, 2014
Google's primary search domain for Tajikistan had seemingly been hacked yesterday, along with other high profile domains including Yahoo, Twitter, Amazon -- redirected to a defaced page. Actually neither Google, nor Twitter servers have been hacked, rather website of Tajikistan's Domain registrar ( domain.tj ) authority has been hacked, that allows the hacker to access domain control panel. Server Kernel:  Linux mx.takemail.com 2.4.21-27.ELsmp #1 SMP Wed Dec 1 21:59:02 EST 2004 i686 Iranian hacker ' Mr.XHat' successfully managed to change the DNS records of attack websites and defaced them for about a day. Hacker told ' The Hacker News ' that he used Directory Traversal vulnerability to hack the website and still has the access to the control panel. Directory traversal is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files. Following the screenshot of compromised Domain Registrar's Control Panel:

VMware View critical directory traversal vulnerability

VMware View critical directory traversal vulnerability
Dec 20, 2012
(DDI) Vulnerability Research Team (VRT) for reported a critical vulnerability in VMware View Server , that  is a directory traversal vulnerability that allows an unauthenticated remote attacker to retrieve arbitrary files from affected View Servers. Exploitation of this issue may expose sensitive information stored on the server. VMware has issued a patch for its VMware View product. It is listed as ' VMSA-2012-0017 ' in security advisory. This vulnerability affects both the View Connection Server and the View Security Server; VMware recommends that customers immediately update both servers to a fixed version of View. The Common Vulnerabilities and Exposures project has assigned the name CVE-2012-5978 to this issue. VMware's update to VMware View is available for free to license holders of the product and can be downloaded here . Disabling the Security Server will prevent exploitation of this vulnerability over untrusted remote networks or It may be p
Cybersecurity Resources