Blog

Archive for July 9th, 2019

VMware Security Advisory on DoS Vulnerability in ESXi, (Tue, Jul 9th)

VMware has released patches for ESXi that address a denial of service vulnerability in hostd. ESXi 6.0 is unaffected, 6.5 has a patch, and 6.7 has a patch pending. This addresses a vulnerability described in CVE-2019-5528 and is rated important (CVSSv3 = 5.3). A workaround has also been published. If you run ESXi, you should take a look at this as well today.

 


John Bambenek
bambenek at gmail /dot/ com
ThreatSTOP

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.


MSFT July 2019 Patch Tuesday, (Tue, Jul 9th)

July 2019 Security Updates

| Description | CVE | Disclosed | Exploited | Exploitability (old versions) | Exploitability (current version) | Severity | CVSS Base (AVG) | CVSS Temporal (AVG) |
|---|---|---|---|---|---|---|---|---|
| .NET Denial of Service Vulnerability | CVE-2019-1083 | No | No | Less Likely | Less Likely | Important | | |
| .NET Framework Remote Code Execution Vulnerability | CVE-2019-1113 | No | No | More Likely | More Likely | Critical | | |
| ADFS Security Feature Bypass Vulnerability | CVE-2019-0975 | No | No | Less Likely | Less Likely | Important | 4.3 | 3.9 |
| ADFS Security Feature Bypass Vulnerability | CVE-2019-1126 | No | No | Less Likely | Less Likely | Important | 5.3 | 4.8 |
| ASP.NET Core Spoofing Vulnerability | CVE-2019-1075 | No | No | Less Likely | Less Likely | Moderate | | |
| Azure Automation Elevation of Privilege Vulnerability | CVE-2019-0962 | Yes | No | Less Likely | Less Likely | Important | | |
| Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability | CVE-2019-1072 | No | No | Less Likely | Less Likely | Critical | | |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1062 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1092 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1103 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1106 | No | No | | | Critical | 4.2 | 3.8 |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2019-1107 | No | No | | | Critical | 4.2 | 3.8 |
| DirectWrite Information Disclosure Vulnerability | CVE-2019-1093 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| DirectWrite Information Disclosure Vulnerability | CVE-2019-1097 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1117 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1118 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1119 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1120 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1121 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1122 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1123 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1124 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1127 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectWrite Remote Code Execution Vulnerability | CVE-2019-1128 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| DirectX Elevation of Privilege Vulnerability | CVE-2019-0999 | No | No | | | Important | 7.8 | 7.0 |
| Docker Elevation of Privilege Vulnerability | CVE-2018-15664 | Yes | No | Less Likely | Less Likely | Important | | |
| GDI+ Remote Code Execution Vulnerability | CVE-2019-1102 | No | No | Less Likely | Less Likely | Critical | 8.4 | 7.6 |
| Internet Explorer Memory Corruption Vulnerability | CVE-2019-1063 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Latest Servicing Stack Updates | ADV990001 | No | No | | | Critical | | |
| Microsoft Browser Memory Corruption Vulnerability | CVE-2019-1104 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Microsoft Excel Information Disclosure Vulnerability | CVE-2019-1112 | No | No | More Likely | More Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2019-1110 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2019-1111 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Information Disclosure Vulnerability | CVE-2019-1084 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | CVE-2019-1136 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Exchange Server Spoofing Vulnerability | CVE-2019-1137 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Office SharePoint XSS Vulnerability | CVE-2019-1134 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft Office Spoofing Vulnerability | CVE-2019-1109 | No | No | Less Likely | Less Likely | Important | | |
| Microsoft SQL Server Remote Code Execution Vulnerability | CVE-2019-1068 | Yes | No | Less Likely | Less Likely | Important | | |
| Microsoft Windows Elevation of Privilege Vulnerability | CVE-2019-1074 | No | No | More Likely | More Likely | Important | 5.3 | 5.3 |
| Microsoft Windows Elevation of Privilege Vulnerability | CVE-2019-1082 | No | No | | | Important | 7.7 | 7.7 |
| Microsoft splwow64 Elevation of Privilege Vulnerability | CVE-2019-0880 | No | Yes | Detected | More Likely | Important | 7.0 | 6.3 |
| Microsoft unistore.dll Information Disclosure Vulnerability | CVE-2019-1091 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Outlook on the web Cross-Site Scripting Vulnerability | ADV190021 | No | No | | | Important | | |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | CVE-2019-1108 | No | No | More Likely | More Likely | Important | 6.5 | 5.9 |
| Remote Desktop Services Remote Code Execution Vulnerability | CVE-2019-0887 | Yes | No | More Likely | More Likely | Important | 8.0 | 7.2 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2019-1056 | No | No | | | Critical | 6.4 | 5.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2019-1059 | No | No | Less Likely | Less Likely | Critical | 6.4 | 5.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2019-1001 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| Scripting Engine Memory Corruption Vulnerability | CVE-2019-1004 | No | No | More Likely | More Likely | Critical | 6.4 | 5.8 |
| SymCrypt Denial of Service Vulnerability | CVE-2019-0865 | Yes | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Team Foundation Server Cross-site Scripting Vulnerability | CVE-2019-1076 | No | No | Less Likely | Less Likely | Important | | |
| Visual Studio Elevation of Privilege Vulnerability | CVE-2019-1077 | No | No | Less Likely | Less Likely | Important | | |
| Visual Studio Information Disclosure Vulnerability | CVE-2019-1079 | No | No | Less Likely | Less Likely | Important | | |
| WCF/WIF SAML Token Authentication Bypass Vulnerability | CVE-2019-1006 | No | No | Less Likely | Less Likely | Important | | |
| Win32k Elevation of Privilege Vulnerability | CVE-2019-1132 | No | Yes | | | Important | 7.8 | 7.2 |
| Win32k Information Disclosure Vulnerability | CVE-2019-1096 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows Audio Service Elevation of Privilege Vulnerability | CVE-2019-1086 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Audio Service Elevation of Privilege Vulnerability | CVE-2019-1087 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Audio Service Elevation of Privilege Vulnerability | CVE-2019-1088 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows DHCP Server Remote Code Execution Vulnerability | CVE-2019-0785 | No | No | Less Likely | Less Likely | Critical | 9.8 | 8.8 |
| Windows DNS Server Denial of Service Vulnerability | CVE-2019-0811 | No | No | Less Likely | Less Likely | Important | 7.5 | 6.7 |
| Windows Elevation of Privilege Vulnerability | CVE-2019-1129 | Yes | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Elevation of Privilege Vulnerability | CVE-2019-1130 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows Error Reporting Elevation of Privilege Vulnerability | CVE-2019-1037 | No | No | Less Likely | Less Likely | Important | 7.0 | 6.3 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1094 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1095 | No | No | Less Likely | Less Likely | Important | 5.5 | 5.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1098 | No | No | | | Important | 5.5 | 5.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1099 | No | No | | | Important | 5.5 | 5.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1100 | No | No | | | Important | 5.5 | 5.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1101 | No | No | | | Important | 5.5 | 5.0 |
| Windows GDI Information Disclosure Vulnerability | CVE-2019-1116 | No | No | | | Important | 5.5 | 5.0 |
| Windows Hyper-V Denial of Service Vulnerability | CVE-2019-0966 | No | No | Less Likely | Less Likely | Important | 6.8 | 6.1 |
| Windows Kernel Elevation of Privilege Vulnerability | CVE-2019-1067 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2019-1071 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| Windows Kernel Information Disclosure Vulnerability | CVE-2019-1073 | No | No | More Likely | More Likely | Important | 5.5 | 5.0 |
| Windows RPCSS Elevation of Privilege Vulnerability | CVE-2019-1089 | No | No | More Likely | More Likely | Important | 7.8 | 7.0 |
| Windows WLAN Service Elevation of Privilege Vulnerability | CVE-2019-1085 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |
| Windows dnsrlvr.dll Elevation of Privilege Vulnerability | CVE-2019-1090 | No | No | Less Likely | Less Likely | Important | 7.8 | 7.0 |

 


John Bambenek
bambenek at gmail /dot/ com
ThreatSTOP


Solving the WHOIS and Privacy Problem: A Draft of Implementing WHOIS in DNS, (Tue, Jul 9th)

Recently, due to GDPR, WHOIS records for domains have been redacted in many places and access to the information that has been relied on by investigators and abuse fighters is either much harder to get or simply unavailable. In theory, ICANN should be setting up a gated system that will give tiered access to various classes of people, but having participated in those discussions, it does not seem such a system would allow for access to the data we need to investigate, correlate, and respond to abuse and cybercrime.

To help solve this problem, fellow handler Richard Porter and I have created an Internet-Draft to put information formerly available in WHOIS into DNS TXT records so the information can be voluntarily made available by domain owners. This will allow for programmatic access that can be used in automation to make policy decisions quickly (for instance, should I accept email from this domain). The gist of the proposal is to use a _whois subdomain record and have a variety of TXT records for administrative, technical, network, and security/abuse contacts (name, phone number, email, address). As the system relies on self-disclosure, it bypasses some of the stickier issues with privacy laws.

Take a look and chime in on your thoughts in comments or on the DNSOP mailing list where this is being discussed.


John Bambenek
bambenek at gmail /dot/ com
ThreatSTOP
