Month: septiembre 2019

Linux kernel vulnerability CVE-2011-5327 Security Advisory Security Advisory Description In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_make_naa_ ... More info: https://support.f5.com/csp/article/K42315210

It was discovered that SPIP, a website engine for publishing, wouldallow unauthenticated users to modify published content and write tothe database, perform cross-site request forgeries, and enumerateregistered users. More info: https://www.debian.org/security/2019/dsa-4532

Samba vulnerability CVE-2019-10197 Security Advisory Security Advisory Description A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3 ... More info: https://support.f5.com/csp/article/K69511801

Linux kernel vulnerability CVE-2017-18509 Security Advisory Security Advisory Description An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket ... More info: https://support.f5.com/csp/article/K41582535

https://www.wordfence.com/blog/2019/09/podcast-episode-46-zero-day-vulnerability-in-rich-reviews-plugin-exploited-in-the-wild/ We chat with Mikey Veenstra to talk about the Wordfence Threat Intelligence team’s work tracking a series of active attacks on an unpatched vulnerability in the Rich Reviews plugin for WordPress. With an estimated 16,000 installations, attackers are targeting unauthenticated plugin option updates, which can be used to deliver stored cross-site scripting (XSS) More info: https://www.wordfence.com/blog/2019/09/podcast-episode-46-zero-day-vulnerability-in-rich-reviews-plugin-exploited-in-the-wild/

https://wpvulndb.com/vulnerabilities/9886 More info: https://wpvulndb.com/vulnerabilities/9886

REST Framework vulnerability CVE-2019-6651 Security Advisory Security Advisory Description The BIG-IP/BIG-IQ Configuration utility login page may not follow best security practices when handling a ... More info: https://support.f5.com/csp/article/K89509323

https://wpvulndb.com/vulnerabilities/9885 More info: https://wpvulndb.com/vulnerabilities/9885

https://perishablepress.com/stop-wordpress-changing-htaccess/ In a recent tutorial, I explain how to Stop WordPress from modifying .htaccess. That post explains several ways to prevent WordPress from making changes to .htaccess. This post explains an even better way that is safe, effective, non-invasive, re-usable, and super simple. I’ve been using it on my own sites now for a few […] More info: https://perishablepress.com/stop-wordpress-changing-htaccess/

http://feedproxy.google.com/~r/sucuri/blog/~3/7zkxQvxRAUo/the-hacker-returns-a-backdoor-edition.html Once an attacker manages to hack and gain access to a target site or system, they typically work hard to maintain their access—as long as it can to help them achieve their goals. You can think of it like having an annoying party-crasher at your pool party who decides to stick around uninvited, hiding […] More info: http://feedproxy.google.com/~r/sucuri/blog/~3/7zkxQvxRAUo/the-hacker-returns-a-backdoor-edition.html