Category Archives: Security


Moodle CVE-2018-1044 Unauthorized Access Vulnerability

Vulnerable:

Moodle Moodle 3.3.3
Moodle Moodle 3.3.1
Moodle Moodle 3.2.6
Moodle Moodle 3.2.4
Moodle Moodle 3.1.9
Moodle Moodle 3.1.7
Moodle Moodle 3.1.4
Moodle Moodle 3.1.3
Moodle Moodle 3.1.2
Moodle Moodle 3.1.1
Moodle Moodle 3.4
Moodle Moodle 3.3.2
Moodle Moodle 3.3
Moodle Moodle 3.2.5
Moodle Moodle 3.2.3
Moodle Moodle 3.2.2
Moodle Moodle 3.2.1
Moodle Moodle 3.2
Moodle Moodle 3.1.8
Moodle Moodle 3.1.6
Moodle Moodle 3.1.5
Moodle Moodle 3.1

Moodle CVE-2018-1042 Server Side Request Forgery Security Bypass Vulnerability

Vulnerable:

Moodle Moodle 3.3.3
Moodle Moodle 3.3.1
Moodle Moodle 3.2.6
Moodle Moodle 3.2.4
Moodle Moodle 3.1.9
Moodle Moodle 3.1.7
Moodle Moodle 3.1.4
Moodle Moodle 3.1.3
Moodle Moodle 3.1.2
Moodle Moodle 3.1.1
Moodle Moodle 3.0.8
Moodle Moodle 3.0.7
Moodle Moodle 3.0.6
Moodle Moodle 3.0.5
Moodle Moodle 3.0.4
Moodle Moodle 3.0.3
Moodle Moodle 3.0.2
Moodle Moodle 3.0.1
Moodle Moodle 2.9.9
Moodle Moodle 2.9.8
Moodle Moodle 2.9.7
Moodle Moodle 2.9.6
Moodle Moodle 2.9.5
Moodle Moodle 2.9.4
Moodle Moodle 2.9.3
Moodle Moodle 2.9.1
Moodle Moodle 2.8.12
Moodle Moodle 2.8.11
Moodle Moodle 2.8.10
Moodle Moodle 2.8.9
Moodle Moodle 2.8.7
Moodle Moodle 2.8.6
Moodle Moodle 2.8.5
Moodle Moodle 2.8.4
Moodle Moodle 2.8.3
Moodle Moodle 2.7.18
Moodle Moodle 2.7.17
Moodle Moodle 2.7.16
Moodle Moodle 2.7.15
Moodle Moodle 2.7.14
Moodle Moodle 2.7.13
Moodle Moodle 2.7.12
Moodle Moodle 2.7.11
Moodle Moodle 2.7.10
Moodle Moodle 2.7.9
Moodle Moodle 2.7.8
Moodle Moodle 2.7.7
Moodle Moodle 2.7.6
Moodle Moodle 2.7.5
Moodle Moodle 2.7.3
Moodle Moodle 2.7.2
Moodle Moodle 2.6.11
Moodle Moodle 2.6.10
Moodle Moodle 2.6.9
Moodle Moodle 2.6.8
Moodle Moodle 2.6.6
Moodle Moodle 2.6.5
Moodle Moodle 2.6.3
Moodle Moodle 2.6.2
Moodle Moodle 2.6.1
Moodle Moodle 2.5.9
Moodle Moodle 2.5.8
Moodle Moodle 2.5.6
Moodle Moodle 2.5.4
Moodle Moodle 2.5.2
Moodle Moodle 2.5.1
Moodle Moodle 2.4.10
Moodle Moodle 2.4.8
Moodle Moodle 2.4.6
Moodle Moodle 2.4.5
Moodle Moodle 2.4.4
Moodle Moodle 2.4.3
Moodle Moodle 2.3.11
Moodle Moodle 2.3.9
Moodle Moodle 2.3.8
Moodle Moodle 2.3.7
Moodle Moodle 2.3.6
Moodle Moodle 2.3.3
Moodle Moodle 2.3.2
Moodle Moodle 2.3.1
Moodle Moodle 2.2.11
Moodle Moodle 2.2.10
Moodle Moodle 2.2.9
Moodle Moodle 2.2.6
Moodle Moodle 2.2.5
Moodle Moodle 2.2.4
Moodle Moodle 2.2.3
Moodle Moodle 2.2.2
Moodle Moodle 2.2.1
Moodle Moodle 2.1.9
Moodle Moodle 2.1.8
Moodle Moodle 2.1.7
Moodle Moodle 2.1.6
Moodle Moodle 2.1.5
Moodle Moodle 2.1.4
Moodle Moodle 2.1.2
Moodle Moodle 2.1.1
Moodle Moodle 2.0.10
Moodle Moodle 2.0.9
Moodle Moodle 2.0.8
Moodle Moodle 2.0.7
Moodle Moodle 2.0.5
Moodle Moodle 2.0.4
Moodle Moodle 2.0.3
Moodle Moodle 2.0.2
Moodle Moodle 2.0.1
Moodle Moodle 1.9.18
Moodle Moodle 1.9.17
Moodle Moodle 1.9.16
Moodle Moodle 1.9.14
Moodle Moodle 1.9.13
Moodle Moodle 1.9.12
Moodle Moodle 1.9.11
Moodle moodle 1.9.10
Moodle moodle 1.9.9
Moodle moodle 1.9.8
Moodle moodle 1.9.7
Moodle moodle 1.9.6
Moodle Moodle 1.9.5
Moodle moodle 1.9.4
Moodle moodle 1.9.3
Moodle moodle 1.9.2
Moodle Moodle 1.9.1
Moodle moodle 1.8.14
Moodle moodle 1.8.13
Moodle moodle 1.8.11
Moodle moodle 1.8.10
Moodle moodle 1.8.9
Moodle moodle 1.8.8
Moodle moodle 1.8.7
Moodle moodle 1.8.6
Moodle moodle 1.8.5
Moodle moodle 1.8.4
Moodle moodle 1.8.3
Moodle moodle 1.8.2
Moodle Moodle 1.8.1
Moodle moodle 1.7.7
Moodle moodle 1.7.6
Moodle moodle 1.7.5
Moodle moodle 1.7.4
Moodle moodle 1.7.3
Moodle moodle 1.7.2
Moodle moodle 1.7.1
Moodle moodle 1.6.9
Moodle moodle 1.6.8
Moodle moodle 1.6.7
Moodle moodle 1.6.6
Moodle moodle 1.6.5
Moodle moodle 1.6.4
Moodle moodle 1.6.3
Moodle moodle 1.6.2
Moodle moodle 1.6.1
Moodle moodle 1.6
Moodle moodle 1.5.2
Moodle moodle 1.5.1
Moodle moodle 1.5
Moodle moodle 1.4.3
Moodle moodle 1.4.2
Moodle moodle 1.4.1
Moodle moodle 1.3.4
Moodle moodle 1.3.3
Moodle moodle 1.3.2
Moodle moodle 1.3.1
Moodle moodle 1.3
Moodle Moodle 1.2.2
Moodle moodle 1.2.1
Moodle moodle 1.2
Moodle moodle 1.1.1
Moodle Moodle 3.4
Moodle Moodle 3.3.2
Moodle Moodle 3.3
Moodle Moodle 3.2.5
Moodle Moodle 3.2.3
Moodle Moodle 3.2.2
Moodle Moodle 3.2.1
Moodle Moodle 3.2
Moodle Moodle 3.1.8
Moodle Moodle 3.1.6
Moodle Moodle 3.1.5
Moodle Moodle 3.1
Moodle Moodle 3.0.9
Moodle Moodle 3.0.10
Moodle Moodle 3.0
Moodle Moodle 2.9.2
Moodle Moodle 2.9
Moodle Moodle 2.8.8
Moodle Moodle 2.8.2
Moodle Moodle 2.8.1
Moodle Moodle 2.8
Moodle Moodle 2.7.4
Moodle Moodle 2.7.20
Moodle Moodle 2.7.19
Moodle Moodle 2.7.1
Moodle Moodle 2.7
Moodle Moodle 2.6.7
Moodle Moodle 2.6.4
Moodle Moodle 2.6
Moodle Moodle 2.5.7
Moodle Moodle 2.5.5
Moodle Moodle 2.5.3
Moodle Moodle 2.5
Moodle Moodle 2.4.9
Moodle Moodle 2.4.7
Moodle Moodle 2.4.2
Moodle Moodle 2.4.11
Moodle Moodle 2.4.1
Moodle Moodle 2.4
Moodle Moodle 2.3.5
Moodle Moodle 2.3.4
Moodle Moodle 2.3.10
Moodle Moodle 2.3
Moodle Moodle 2.2.8
Moodle Moodle 2.2.7
Moodle Moodle 2.2
Moodle Moodle 2.1.3
Moodle Moodle 2.1.10
Moodle Moodle 2.1
Moodle Moodle 2.0.6
Moodle Moodle 2.0
Moodle Moodle 1.9.20
Moodle Moodle 1.9.19
Moodle Moodle 1.9.15
Moodle moodle 1.9
Moodle Moodle 1.8
Moodle moodle 1.7
Moodle Moodle 1.6
Moodle Moodle 1.5
Moodle Moodle 1.4.5
Moodle Moodle 1.4.4
Moodle Moodle 1.3
Moodle moodle 1.18.2.3
Moodle moodle 1.18.2.2
BEA Systems Weblogic Proxy Plugin 1.5.3

CentOS Web Panel v0.9.8.12 – Remote SQL Injection Vulnerabilities

Posted by Vulnerability Lab on Jan 22

Document Title:
===============
CentOS Web Panel v0.9.8.12 – Remote SQL Injection Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1833

Release Date:
=============
2018-01-22

Vulnerability Laboratory ID (VL-ID):
====================================
1833

Common Vulnerability Scoring System:
====================================
7.5

Vulnerability Class:
====================
SQL…


Nearly Half of the Norway Population Exposed in HealthCare Data Breach


Cybercriminals have stolen a massive trove of Norway’s healthcare data in a recent data breach, which likely impacts more than half of the nation’s population.

An unknown hacker or group of hackers managed to breach the systems of Health South-East Regional Health Authority (RHF) and reportedly stole personal info and health records of some 2.9 million Norwegians out of the country’s total 5.2 million inhabitants.

Health South-East RHA is a healthcare organisation that manages hospitals in Norway’s southeast region, including Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark, Aust-Agder and Vest-Agder.

The healthcare organisation announced the data breach on Monday after it had been alerted by HelseCERT, the Norwegian CERT department for its healthcare sector, about an “abnormal activity” against computer systems in the region.

HelseCERT also said the culprits behind the data breach are “advanced and professional” hackers, although it is still unknown whether they managed to exfiltrate data successfully and, if so, how many people may have been impacted.

So far there’s also no evidence that the data theft has had any consequences for or effects on patients’ safety. However, the healthcare organisation assured that security “measures had been taken to limit the damage caused by the burglary.”

“We are in a phase where we try to get an overview. It’s far too early to say how big the attack is. We are working to acquire knowledge of all aspects,” NorCERT director Kjetil Nilsen told Norwegian publication VG.

“Everything indicates that it is an advanced player who has the tools and ability to perform such an attack. It can be advanced criminals. There is a wide range of possibilities.”

Why Do Hackers Want Your Health Data?

Digital healthcare has been growing to satisfy the demands of connected healthcare technology that provides better treatment and improved patient care.

We know that any organisation with a computer is at risk from cyber-attacks both from criminals wanting to extort money and state-sponsored hackers wanting to cause chaos.

Since the healthcare sector is part of the critical national infrastructure, alongside water, electricity and transport, it becomes an attractive target for hackers.

Believe it or not, your medical records are worth more to hackers than your stolen credit card details on the dark web markets.

Financial data has a finite lifespan, but the information contained in health care records—which includes names, birth dates, policy numbers, diagnosis codes, social security number and billing information—has a much longer shelf life and is rich enough for identity theft.

Fraudsters can use this data to create fake identities to do all kinds of illegal stuff in your name, combine a patient number with a false provider number and file fake claims with insurers, and even file fake tax returns using your stolen addresses, phone numbers and employment history.

How to Protect Yourself After a Data Breach?

If you are one of those affected by the healthcare breach, you will have to remain vigilant against fraud for the rest of your life, because the risk of identity theft isn’t short term, unlike in the case of credit card fraud.

You may follow the following steps to protect yourself:

1) Monitor Your Accounts: Watch for anyone using your information to try to take over or transfer money out of your existing accounts. Don’t forget that thieves with stolen details on you can get through your security questions, including the last four digits of your social and street address. Also, watch for any unauthorised activity or transfers on your current financial accounts.

2) File Your Taxes Early: With the stolen information in hand, cyber thieves could grab your tax refund by filing your taxes early and claiming it for themselves. So, to avoid any such problems, file your taxes as early as possible.

3) Stay Vigilant: The foremost thing to protect against any breach is to stay vigilant, as nobody knows when or where your stolen identities will be used. So, affected consumers will simply have to stay mindful forever.

Acadmic Microsoft – API Query Filter Cross Site Scripting Vulnerability

Posted by Vulnerability Lab on Jan 21

Document Title:
===============
Acadmic Microsoft – API Query Filter Cross Site Scripting Vulnerability

References (Source):
====================
https://www.vulnerability-lab.com/get_content.php?id=2056

MSRC ID: 0001010174

Release Date:
=============
2018-01-20

Vulnerability Laboratory ID (VL-ID):
====================================
2056

Common Vulnerability Scoring System:
====================================
3.2

Vulnerability Class:…


15-Year-Old Schoolboy Posed as CIA Chief to Hack Highly Sensitive Information


Remember “Crackas With Attitude”?

The notorious pro-Palestinian hacking group was behind a series of embarrassing hacks against United States intelligence officials and leaked the personal details of 20,000 FBI agents, 9,000 Department of Homeland Security officers, and some number of DoJ staffers in 2015.

Believe it or not, the leader of this hacking group was just 15 years old when he used “social engineering” to impersonate the CIA director and gain unauthorised access to highly sensitive information from his Leicestershire home, it was revealed during a court hearing on Tuesday.

Kane Gamble, the British teenage hacker, now 18 years old, targeted then-CIA director John Brennan, Director of National Intelligence James Clapper, Secretary of Homeland Security Jeh Johnson, FBI deputy director Mark Giuliano, as well as other senior FBI figures.

Between June 2015 and February 2016, Gamble posed as Brennan and tricked call centre and helpline staff into giving away broadband and cable passwords, using which the team also gained access to plans for intelligence operations in Afghanistan and Iran.

The teenager also taunted his victims and their families, released their personal details, bombarded them with calls and messages, downloaded and installed pornography onto their computers and took control of their iPads and TV screens.

He also made hoax calls to Brennan’s home and took control of his wife’s iPad.

At one point, Gamble also sent DHS secretary Johnson a photograph of his daughter and said he would f*** her, phoned his wife, leaving a voicemail message which said: “Hi Spooky, am I scaring you?,” and even managed to get the message “I own you” on the couple’s home television.

Gamble was arrested in February 2016 at his council home in Coalville and last October he pleaded guilty to 8 charges of “performing a function with intent to secure unauthorised access” and 2 charges of “unauthorised modification of computer material.”

Gamble said he targeted the US government because he was “getting more and more annoyed about how corrupt and cold-blooded the US Government” was and “decided to do something about it.”

Gamble’s defence said he was technically gifted but emotionally immature and has an autistic spectrum disorder; at the time of his offending, he had the mental development of a 12- or 13-year-old.

Also, the defence said, at no point did Gamble attempt to profit from his actions.

Out of 10 counts, Gamble previously admitted 8 charges of performing a function with intent to secure unauthorised access.

The teenager will be sentenced when the hearing resumes at a later date.

Two other members of the Crackas With Attitude hacking group, Andrew Otto Boggs and Justin Gray Liverman, were arrested by the FBI in September 2016 and had already been sentenced to five years in federal prison.

CVE-2017-17837


The Apache DeltaSpike-JSF 1.8.0 module has an XSS injection leak in the windowId handling. The default size of the windowId gets cut off after 10 characters (by default), so the impact might be limited. A fix got applied and released in Apache deltaspike-1.8.1.

Publish Date : 2018-01-04 Last Update Date : 2018-01-19


CVSS Scores & Vulnerability Types

CVSS Score: 4.3
Confidentiality Impact: None (There is no impact to the confidentiality of the system.)
Integrity Impact: Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact: None (There is no impact to the availability of the system.)
Access Complexity: Medium (The access conditions are somewhat specialized. Some preconditions must be satisfied to exploit.)
Authentication: Not required (Authentication is not required to exploit the vulnerability.)
Gained Access: None
Vulnerability Type(s): Cross Site Scripting
CWE ID: 79



CentOS Web Panel v0.9.8.12 – Non-Persistent Cross Site Scripting Vulnerabilities

Posted by Vulnerability Lab on Jan 19

Document Title:
===============
CentOS Web Panel v0.9.8.12 – Non-Persistent Cross Site Scripting Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1835

Release Date:
=============
2018-01-17

Vulnerability Laboratory ID (VL-ID):
====================================
1835

Common Vulnerability Scoring System:
====================================
3.3

Vulnerability Class:…


Shopware 5.2.5 & v5.3 – Multiple Cross Site Scripting Web Vulnerabilities

Posted by Vulnerability Lab on Jan 19

Document Title:
===============
Shopware 5.2.5 & v5.3 – Multiple Cross Site Scripting Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1922

Shopware Security Tracking ID: SW-19834

Security Update:
http://community.shopware.com/Downloads_cat_448.html#5.3.4
http://community.shopware.com/_detail_2035.html

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15374

CVE-ID:…
