apache struts2遠端代碼執行漏洞(s2-052)
nsfocus id 37544
cve id cve-2017-9805
受影響版本
apache group struts 2.5-2.5.12
apache group struts 2.1.2-2.3.33
漏洞點評
(資料來源:綠盟科技安全研究部&産品規則組)
最近一周cve公告總數與前期相比有所上升。值得關注的高危漏洞如下:
标題:a code execution flaw in labview will remain unpatched
時間:2017-09-03
摘要:security researchers at cisco talos have discovered a code execution issue in labview software that will remain unpatched.
連結:http://securityaffairs.co/wordpress/62588/hacking/labview-code-execution-flaw.html
時間:2017-09-04
摘要:exclusive — if you have an account on taringa, also known as “the latin american reddit,” your account details may have compromised in a massive data breach that leaked login details of almost all of its over 28 million users.
連結:http://thehackernews.com/2017/09/taringa-data-breach-hacking.html
标題:critical flaw in apache struts2 lets hackers take over web servers
時間:2017-09-05
摘要:security researchers have discovered a critical remote code execution vulnerability in the popular apache struts web application framework, allowing a remote attacker to run malicious code on the affected servers.
連結:http://thehackernews.com/2017/09/apache-struts-vulnerability.html
标題:apache software foundation releases security update
時間:2017-09-06
摘要:us-cert encourages users and administrators to review the apache security bulletin and vulnerability note vu#112992 and upgrade to struts 2.5.13.
連結:https://www.us-cert.gov/ncas/current-activity/2017/09/06/apache-software-foundation-releases-security-update
标題:european companies must tell employees if their work emails are being monitored
摘要:the european court of human rights (echr) on tuesday gave a landmark judgement concerning privacy in the workplace by overturning an earlier ruling that gave employers the right to spy on workplace communications.
連結:http://thehackernews.com/2017/09/employee-monitoring.html
标題:experts discover a new sophisticated malware dubbed xrat tied to mrat threat
摘要:researchers at lookout spotted a new mobile remote access trojan dubbed xrat tied to 2014 “xsser / mrat” surveillance campaign against hong kong protesters.
連結:http://securityaffairs.co/wordpress/62737/malware/xrat-malware.html
摘要:thousands of resumes and job applications containing the personal information of u.s. veterans, many with top secret clearances, and law enforcement officers were left exposed in an amazon web services s3 bucket, continuing a trend where poorly configured cloud-storage services are putting people at risk.
連結:https://threatpost.com/military-contractors-vendor-leaks-resumes-in-misconfigured-aws-s3/127803/
标題:xpwn2017
摘要:2017年9月6日,由xcon組委會、北京未來安全資訊技術有限公司聯合主辦,螞蟻金服安全應急響應中心、百度安全共同支援的“xpwn2017 未來安全探索盛會”在北京隆重召開。本屆盛會以“極智·未來”為主題廣邀國内外資訊安全愛好者、資訊安全工作者以及資訊安全行業專家共赴安全“極智”盛宴。
連結:http://www.ijiandao.com/safe/it/68488.html
摘要:security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device.
連結:http://thehackernews.com/2017/09/hacking-android-bootloader-unlock.html
摘要:hacker group dragonfly 2.0 just breached u.s. and european energy companies, gaining operational access to power grids. this recent infiltration allows hackers to “flip the switch” at power companies, stopping electricity flow to homes and business in the u.s.
連結:http://resources.infosecinstitute.com/dragonfly-2-0-gains-operational-access-u-s-energy-companies/
标題:wirex variant capable of udp flood attacks
摘要:the wirex botnet presented defenders with many superlatives: the largest mobile botnet ever; hundreds of mobile apps spreading application-layer ddos malware; unprecedented cooperation between technology companies—even competitors—to halt some of its activities.
連結:https://threatpost.com/wirex-variant-capable-of-udp-flood-attacks/127825/
摘要:equifax, one of the “big-three” u.s. credit bureaus, said today a data breach at the company may have affected 143 million americans, jeopardizing consumer social security numbers, birth dates, addresses and some driver’s license numbers.
連結:https://krebsonsecurity.com/2017/09/breach-at-equifax-may-impact-143m-americans/
标題:wikileaks unveils project protego: cia’s secret missile control system
時間:2017-09-07
摘要:every week since march wikileaks has been leaking secrets from the united states central intelligence agency (cia), which mainly focus on surveillance techniques and hacking tools employed by its agents.
連結:every week since march wikileaks has been leaking secrets from the united states central intelligence agency (cia), which mainly focus on surveillance techniques and hacking tools employed by its agents.
(資料來源:綠盟科技 威脅情報與網絡安全實驗室 收集整理)
截止到2017年9月8日,綠盟科技漏洞庫已收錄總條目達到37561條。本周新增漏洞記錄29條,其中高危漏洞數量6條,中危漏洞數量16條,低危漏洞數量7條。
mcafee livesafe (mls) 中間人攻擊漏洞(cve-2017-3898)
危險等級:中
cve編号:cve-2017-3898
mcafee livesafe (mls) 代碼注入漏洞(cve-2017-3897)
cve編号:cve-2017-3897
imagemagick readbmpimage 拒絕服務漏洞(cve-2017-12693)
危險等級:低
cve編号:cve-2017-12693
qemu 拒絕服務漏洞(cve-2017-13711)
bid:100534
cve編号:cve-2017-13711
imagemagick readviffimage 拒絕服務漏洞(cve-2017-12692)
cve編号:cve-2017-12692
linux kernel tcp_disconnect拒絕服務漏洞(cve-2017-14106)
cve編号:cve-2017-14106
imagemagick readonelayer 拒絕服務漏洞(cve-2017-12691)
cve編号:cve-2017-12691
gdk-pixbuf整數溢出及堆緩沖區溢出漏洞
危險等級:高
bid:100541
cve編号:cve-2017-2870,cve-2017-2862
phpfilemanager 任意指令執行漏洞(cve-2015-5958)
cve編号:cve-2015-5958
imagemagick writemslimage記憶體洩露漏洞(cve-2017-14139)
cve編号:cve-2017-14139
imagemagick readwebpimage記憶體洩露漏洞(cve-2017-14138)
cve編号:cve-2017-14138
apache struts2遠端代碼執行漏洞(s2-052)(cve-2017-9805)
cve編号:cve-2017-9805
linux kernel atyfb_ioctl函數資訊洩露漏洞(cve-2017-14156)
cve編号:cve-2017-14156
graphicsmagick 拒絕服務漏洞(cve-2017-13777)
bid:100575
cve編号:cve-2017-13777
goahead websdecodeurl空指針間接引用漏洞(cve-2017-14149)
cve編号:cve-2017-14149
apache hadoop資訊洩露漏洞(cve-2016-3086)
bid:95335
cve編号:cve-2016-3086
foxit reader xfa gotourl指令注入遠端代碼執行漏洞(cve-2017-10953)
cve編号:cve-2017-10953
bitdefender internet security pdf predictor遠端代碼執行漏洞(cve-2017-10954)
cve編号:cve-2017-10954
cisco prime lan management solution會話固定漏洞(cve-2017-12225)
cve編号:cve-2017-12225
cisco emergency responder sql注入漏洞(cve-2017-12227)
cve編号:cve-2017-12227
cisco unified communications manager trust verification service拒絕服務漏洞(cve-2017-6791)
cve編号:cve-2017-6791
apache struts拒絕服務漏洞(cve-2017-9793)
bid:100611
cve編号:cve-2017-9793
spidercontrol scada web server任意代碼執行漏洞(cve-2017-12728)
cve編号:cve-2017-12728
apache struts拒絕服務漏洞(cve-2017-9804)
bid:100612
cve編号:cve-2017-9804
cisco ir800 integrated services router rom monitor輸入驗證漏洞(cve-2017-12223)
cve編号:cve-2017-12223
cisco meeting server資訊洩露漏洞(cve-2017-12224)
cve編号:cve-2017-12224
cisco unity connection反射型跨站腳本漏洞(cve-2017-12212)
cve編号:cve-2017-12212
cisco iot field network director記憶體耗盡拒絕服務漏洞(cve-2017-6780)
cve編号:cve-2017-6780
cisco asr 5500 system architecture evolution gateway拒絕服務漏洞(cve-2017-12217)
cve編号:cve-2017-12217
原文釋出時間:2017年9月12日
本文由:綠盟科技釋出,版權歸屬于原作者
原文連結:http://toutiao.secjia.com/nsfocus-internet-security-threats-weekly-201736
本文來自雲栖社群合作夥伴安全加,了解相關資訊可以關注安全加網站