
IT Security Vulnerability Roundup – February 2019


Several new security vulnerabilities are found and disclosed on a monthly basis – below, we look at 12 flaws that were disclosed in recent weeks.

1. Remote Code Execution Vulnerability in Microsoft Windows DHCP Server

CVE identifier: CVE-2019-0626

CVSS Base Score: 9.8

The vulnerability: A flaw due to improper memory operations in the DHCP server component of Microsoft Windows could allow an authenticated, remote attacker to execute arbitrary code and compromise the system completely. An attacker could exploit the vulnerability by sending a DHCP packet that submits malicious input to the affected software.

The fix: Microsoft has released software updates to address the vulnerability.

More info: Cisco has details here, and Microsoft has more information here.

2. Security Bypass Vulnerability in MikroTik RouterOS

CVE identifier: CVE-2019-3924

CVSS Base Score: 9.8

The vulnerability: A vulnerability caused by the execution of user-defined network requests to both WAN and LAN clients in MikroTik RouterOS could allow an attacker to bypass the router's firewall or conduct general network scanning activities.

The fix: MikroTik has released software updates to address the vulnerability.

More info: Tenable has details here, and IBM X-Force has more information here.

3. SQL Injection Vulnerability in SQLAlchemy

CVE identifier: CVE-2019-7164

CVSS Base Score: 9.8

The vulnerability: A vulnerability due to insufficient validation of user-supplied input submitted to the order_by parameter of SQLAlchemy could allow an unauthenticated, remote attacker to conduct a SQL injection attack against a targeted system, leading to further exploits against the system. Proof-of-concept code demonstrating an exploit of the flaw is publicly available.

The fix: SQLAlchemy has released software updates to address the vulnerability.

More info: Cisco has details here, and NIST has more information here.

4. Remote Command Execution Vulnerability in Cisco Routers

CVE identifier: CVE-2019-1663

CVSS Base Score: 9.8

The vulnerability: A vulnerability due to improper validation of user-supplied data in the Web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. An attacker could exploit the vulnerability by sending malicious HTTP requests to a targeted device.

The fix: Cisco has released software updates to address the vulnerability.

More info: Cisco has details here, and IBM X-Force has more information here.

5. Double Free Vulnerability in GD Graphics Library

CVE identifier: CVE-2019-6978

CVSS Base Score: 9.8

The vulnerability: A flaw in the GD Graphics Library (libgd) could allow an unauthenticated remote attacker to execute arbitrary code on a targeted system. By sending crafted image data that submits malicious input to the targeted system, an attacker could trigger a double-free condition resulting in a complete system compromise. Proof-of-concept code demonstrating an exploit of the vulnerability is publicly available.

The fix: The libgd project has released a patch to address the vulnerability.

More info: Cisco has details here, and NIST has more information here.

6. Remote Code Execution Vulnerability in Indexhibit

CVE identifier: CVE-2019-8954

CVSS Base Score: 9.8

The vulnerability: A flaw in the ndxzstudio/?a=system script in Indexhibit could enable an attacker to execute arbitrary code on the affected system.

The fix: No remedy was available at the time of publication.

More info: IBM X-Force has details here.

7. Two Critical Vulnerabilities in PHP

CVE identifiers: CVE-2019-9023, CVE-2019-9025

CVSS Base Scores: 9.8, 9.8

The vulnerabilities: Two vulnerabilities in PHP due to improper memory operations could allow an unauthenticated, remote attacker to completely compromise a targeted system. Proof-of-concept code demonstrating exploits of both vulnerabilities is publicly available.

The fix: PHP has released software updates to address the vulnerabilities.

More info: Cisco has details here and here, and NIST has more information here and here.

8. Authentication Bypass Vulnerability in Dovecot

CVE identifier: CVE-2019-3814

CVSS Base Score: 8.2

The vulnerability: A vulnerability in Dovecot caused by improper handling of valid, trusted client certificates could allow an authenticated, remote attacker to log in as another user on a targeted system. A successful exploit could then be used to conduct further attacks. Proof-of-concept code demonstrating an exploit of the flaw is publicly available.

The fix: Dovecot has released software updates to address the vulnerability.

More info: Cisco has details here, and Dovecot has more information here.

9. Command Execution Vulnerability in Cisco Webex Meetings

CVE identifier: CVE-2019-1674

CVSS Base Score: 7.8

The vulnerability: A vulnerability caused by improper validation of user-supplied parameters in the Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools for Windows could allow a local authenticated attacker to execute arbitrary commands with SYSTEM user privileges.

The fix: Cisco has released software updates to address the vulnerability.

More info: Cisco has details here.

10. Denial of Service Vulnerability in Linux Kernel

CVE identifier: CVE-2019-8980

CVSS Base Score: 7.5

The vulnerability: A vulnerability due to improper memory operations performed by the kernel_read_file function of the Linux Kernel could allow an unauthenticated remote attacker to cause a memory leak condition, resulting in a denial of service condition on the targeted system. Proof-of-concept code demonstrating an exploit of the vulnerability is publicly available.

The fix: Kernel.org has released a software patch for the vulnerability.

More info: Cisco has details here, and NIST has more information here.

11. Denial of Service Vulnerability in ISC BIND

CVE identifier: CVE-2019-5744

CVSS Base Score: 7.5

The vulnerability: A vulnerability in the named daemon of ISC BIND, caused by improper memory operations, could allow an unauthenticated, remote attacker to cause a denial of service condition on a targeted system.

The fix: ISC.org has released software updates to address the vulnerability.

More info: Cisco has details here, and ISC.org has more information here.

12. Cross-Site Scripting Vulnerability in Splunk Web

CVE identifier: CVE-2019-5727

CVSS Base Score: 7.4

The vulnerability: A vulnerability due to insufficient validation of user-supplied input by Splunk Web could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting attack on a targeted system, enabling them to execute arbitrary script code in the context of the Web interface.

The fix: Splunk has released software updates to address the vulnerability.

More info: Cisco has details here, and Splunk has more information here.

 

Looking for more? Last month’s vulnerability roundup can be found here.