The imap_open function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Ssh's ProxyCommand option can be passed from imap_open to execute arbitrary commands. While many custom applications may use imap_open, this exploit works against the following applications: e107 v2, prestashop, SuiteCRM, as well as Custom, which simply prints the exploit strings for use. Prestashop exploitation requires the admin URI, and administrator credentials. suiteCRM/e107/hostcms require administrator credentials.

This Metasploit module exploits a vulnerability in Nagios XI versions before 5.6.6 in order to execute arbitrary commands as root. The module uploads a malicious plugin to the Nagios XI server and then executes this plugin by issuing an HTTP GET request to download a system profile from the server. For all supported targets except Linux (cmd), the module uses a command stager to write the exploit to the target via the malicious plugin. This may not work if Nagios XI is running in a restricted Unix environment, so in that case the target must be set to Linux (cmd). The module then writes the payload to the malicious plugin while avoiding commands that may not be supported. Valid credentials for a user with administrative privileges are required. This module was successfully tested on Nagios XI 5.6.5 running on CentOS 7. The module may behave differently against older versions of Nagios XI.

Samsung Android suffers from multiple interaction-less remote code execution vulnerabilities as well as other remote access issues in the Qmage image codec built into Skia.

This Metasploit module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This Metasploit module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary.

This Metasploit module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executing the payload with Microsoft PowerShell so will only work against Windows Vista or newer. Tested against Data Protector 9.0 installed on Windows Server 2008 R2.

Transferable Remote version 1.1 for iPad and iPhone suffers from cross site scripting, remote command injection, and local file inclusion vulnerabilities.

qdPM versions prior to 9.1 suffer from a remote shell upload vulnerability that allows for remote code execution.

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.

This Metasploit module exploits a flaw where an authenticated user with sufficient administrative rights to manage pollers can use this functionality to execute arbitrary commands remotely. Usually, the miscellaneous commands are used by the additional modules (to perform certain actions), by the scheduler for data processing, etc. This module uses this functionality to obtain a remote shell on the target.

IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.900 and below. Any user authorized to the "Java file manager" and "Upload and Download" fields, to execute arbitrary commands with root privileges. In addition, "Running Processes" field must be authorized to discover the directory to be uploaded. A vulnerable file can be printed on the original files of the Webmin application. The vulnerable file we are uploading should be integrated with the application. Therefore, a ".cgi" file with the vulnerability belong to webmin application should be used. The module has been tested successfully with Webmin version 1.900 over Debian 4.9.18.

devolo dLAN 550 duo+ version 3.1.0-1 suffers from a remote code execution vulnerability. The devolo firmware has what seems to be a 'hidden' services which can be enabled by authenticated attacker via the the htmlmgr CGI script. This allows the attacker to start services that are deprecated or discontinued and achieve remote arbitrary code execution with root privileges.

An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.

D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi (function genacgi_main() in /htdocs/cgibin), which is accessible without credentials.

A sparsely populated Chinese province that’s home to the headwaters of the Yangtze and Yellow rivers is attempting to set a new record for clean energy use, serving as a test bed for the entire country.

American Municipal Power and the city of Hamilton held a dedication ceremony for the 105-MW Meldahl hydroelectric plant on June 2.

A pair of applications filed by the Klamath River Renewal Corporation today with the Federal Energy Regulatory Commission puts into official motion a long-standing plan to remove four hydroelectric plants on the Klamath River.

A sparsely populated Chinese province that’s home to the headwaters of the Yangtze and Yellow rivers is attempting to set a new record for clean energy use, serving as a test bed for the entire country.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

The shift to working at home during the COVID-19 pandemic is yet another reason to embrace the "zero trust" strategy, says Dave Lewis of Duo Security, who provides guidance.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

The shift to working at home during the COVID-19 pandemic is yet another reason to embrace the "zero trust" strategy, says Dave Lewis of Duo Security, who provides guidance.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

The shift to working at home during the COVID-19 pandemic is yet another reason to embrace the "zero trust" strategy, says Dave Lewis of Duo Security, who provides guidance.

This webcast gives 6 tips for keeping employees safe and mitigating security threats as your workforce goes remote.
Learn how to protect employees from malicious web content.

Starting this month, NVIDIA’s Deep Learning Institute is offering instructor-led workshops that are delivered remotely via a virtual classroom. DLI provides hands-on training in AI, accelerated computing and accelerated data science to help developers, data scientists and other professionals solve their most challenging problems. These in-depth classes are taught by experts in their respective fields, Read article >

The post NVIDIA Deep Learning Institute Instructor-Led Training Now Available Remotely appeared first on The Official NVIDIA Blog.

Starting this month, NVIDIA’s Deep Learning Institute is offering instructor-led workshops that are delivered remotely via a virtual classroom. DLI provides hands-on training in AI, accelerated computing and accelerated data science to help developers, data scientists and other professionals solve their most challenging problems. These in-depth classes are taught by experts in their respective fields, Read article >

The post NVIDIA Deep Learning Institute Instructor-Led Training Now Available Remotely appeared first on The Official NVIDIA Blog.

Advice note - Remote/home working during the coronavirus outbreak Employers are facing unprecedented challenges due to the coronavirus, which for some mean that a significant proportion, if not all, of its workforce are working from home, at short n...

...

The EU's ambassador made a 'mistake' in giving the go-ahead for the censorship, officials say.

The Courts Service has initiated a pilot virtual hearing programme (“Pilot Programme”), with Courts of a number of jurisdictions participating, in light of the ongoing nationwide Covid-19 restrictions. It is anticipated that, following c...

Russian President Vladimir Putin marked Victory Day, the anniversary of the defeat of Nazi Germany in World War II, in a ceremony shorn of its usual military parade and pomp by the coronavirus pandemic.

After nine years pursuing her claim against her employer, Michelle Alabaster walked away with an award of just £204.53.  However, the impact of the decisions of the ECJ, and now the Court of Appeal in the maternity pay case of Ala...

The Community Infrastructure Levy (Amendment) (England) (No. 2) Regulations 2019 are due to come into force on 1 September 2019. The 2019 Regulations were introduced by the Government earlier this year, alongside their response to the technical cons...

South Dakota Gov. Kristi Noem (R) “has given an ultimatum to...

Dolmabahçe Palace has been astonishing visitors with its stunning architecture and breathtaking designs but the most astounding room it houses is the Ceremonial Hall.

A.L. Sadler examines in minute detail the origins of tea drinking and the rich and complex components of its ritualization.

"This is a daunting challenge," New York Governor Andrew Cuomo said at a daily briefing last week. "The entire public transport system in downstate New York will be disinfected every 24 hours."