绿盟科技发布了本周安全通告,周报编号nsfocus-17-29,绿盟科技漏洞库本周新增64条,其中高危30条。本次周报建议大家关注 vmware虚拟机逃逸漏洞 。目前,此漏洞的利用工具已经公开,可能会被大范围利用,请用户及时下载补丁修复更新。。
vmware虚拟机逃逸漏洞
nsfocus id 37211
cve id cve-2017-4901
受影响版本
vmware workstation pro / player
vmware fusion pro / fusion
漏洞点评
vmware 是一款功能强大的桌面虚拟计算机软件。vmware workstation和fusion中的拖放(dnd)功能被发现含有内存越界访问漏洞。通过利用此漏洞,即使攻击者是在vmware workstation或fusion的虚拟机中运行恶意代码,最终也可在宿主机的操作系统上执行代码,实现虚拟机逃逸。目前,此漏洞的利用工具已经公开,可能会被大范围利用,请用户及时下载补丁修复更新。
(数据来源:绿盟科技安全研究部&产品规则组)
最近一周cve公告总数与前期相比数量回落。值得关注的高危漏洞如下:
时间:2017-07-17
摘要:alphabay market — one of the largest dark web marketplaces for drugs, guns, and other illegal goods — that mysteriously went dark earlier this month without any explanation from its admins has reportedly been shut down by the international authorities.
链接:http://thehackernews.com/2017/07/alphabay-darkweb-alexandre-cazes.html
摘要:a highly critical vulnerability has been discovered in the cisco systems’ webex browser extension for chrome and firefox, for the second time in this year, which could allow attackers to remotely execute malicious code on a victim’s computer.
链接:http://thehackernews.com/2017/07/cisco-webex-vulnerability.html
标题:ashley madison to pay $11.2 million to data breach victims
摘要:ashley madison, an american most prominent dating website that helps people cheat on their spouses has been hacked, has agreed to an $11.2 million settlement for roughly 37 million users whose personal details were exposed in a massive data breach two years ago.
链接:http://thehackernews.com/2017/07/ashley-madison-data-breach.html
标题:hacker uses a simple trick to steal $7 million worth of ethereum within 3 minutes
时间:2017-07-18
摘要:all it took was just 3 minutes and ‘a simple trick’ for a hacker to steal more than $7 million worth of ethereum in a recent blow to the crypto currency market.
链接:http://thehackernews.com/2017/07/ethereum-cryptocurrency-heist.html
标题:hackers could easily take remote control of your segway hoverboards
时间:2017-07-19
摘要:thomas kilbride, a security researcher from security firm ioactive, have discovered several critical vulnerabilities in segway ninebot minipro that could be exploited by hackers to remotely take “full control” over the hoverboard within range and leave riders out-of-control.
链接:http://thehackernews.com/2017/07/segway-hoverboard-hacking.html
摘要:almost two months ago, we reported about a 7-year-old critical remote code execution vulnerability in samba networking software, allowing a hacker to remotely take full control of a vulnerable linux and unix machines.
链接:http://thehackernews.com/2017/07/linux-malware-sambacry.html
摘要:some opportunistic criminals have put the leaked source code for the nukebot banking trojan to use, targeting banks in the united states and france with variants of the malware, while another group has adapted it to steal mail client and browser passwords.
链接:https://threatpost.com/modified-versions-of-nukebot-in-wild-since-source-code-leak/126920/
标题:tor launches bug bounty program — get paid for hacking!
时间:2017-07-20
摘要:with the growing number of cyber attacks and breaches, a significant number of companies and organisations have started bug bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded.
链接:http://thehackernews.com/2017/07/tor-bug-bounty-program.html
标题:critical code injection flaw in gnome file manager leaves linux users open to hacking
摘要:a security researcher has discovered a code injection vulnerability in the thumbnail handler component of gnome files file manager that could allow hackers to execute malicious code on targeted linux machines.
链接:http://thehackernews.com/2017/07/linux-gnome-vulnerability.html
标题:chrome final removal of trust in wosign and startcom certificates
摘要:as previously announced, chrome has been in the process of removing trust from certificates issued by the ca wosign and its subsidiary startcom, as a result of several incidents not in keeping with the high standards expected of cas.
链接:https://security.googleblog.com/2017/07/final-removal-of-trust-in-wosign-and.html
时间:2017-07-21
摘要:webkit被爆18个webkit内存损坏漏洞 ,涉及cve-2017-7018到cve-2017-7061之前的18个id,漏洞影响苹果大面积产品的多个版本,包括apple tvos、apple safari、apple mac os x及server版本、apple itunes、apple ipod touch、apple iphone、apple ipad 、apple ios 、apple icloud。
链接:http://toutiao.secjia.com/webkit-multiple-memory-corruption
摘要:安全研究员分析深入分析了vmware虚拟机逃逸技术,验证了vmware内存访问越界漏洞cve-2016-7461,并公开了分析过程及poc
链接:http://toutiao.secjia.com/vmware-escape-cve-2016-7461
摘要:7月18日,有微信公众号发文称,在百度网盘看到大量私人信息,甚至包括企事业单位内部通讯录。百度网盘虽不自带搜索功能,但通过第三方网盘搜索引擎可查询到百度网盘用户的大量照片、通讯录,甚至不乏政府、高校及公司内部文件等隐私内容。昨天上午,百度网盘在官方微博回应称,将采取更多手段保护用户隐私。
链接:http://toutiao.secjia.com/baidu-pan-databreach
摘要:安全公司senrio周二透露,gsoap中存在被称为devil’s ivy的零日漏洞,导致数百万采用该工具包的物联网设备,面临零日攻击风险。senrio调查axis安全摄像头时在gsoap的通信层发现了这一漏洞。
链接:http://toutiao.secjia.com/gsoap-devil-ivy-rce
标题:ubuntu linux for windows 10 released
摘要:windows and linux in the same line? yes, you heard that right… and that too, on the same computer and within the same operating system.
链接:http://thehackernews.com/2017/07/windows-10-ubuntu-linux.html?utm_source=feedburner&utm_medium=feed&utm_campaign=feed%3a+thehackersnews+%28the+hackers+news+-+security+blog%29
摘要:tens of thousands of internet-exposed memcached servers are vulnerable to attacks
链接:http://www.securityweek.com/organizations-slow-patch-critical-memcached-flaws
(数据来源:绿盟科技 威胁情报与网络安全实验室 收集整理)
截止到2017年7月21日,绿盟科技漏洞库已收录总条目达到37210条。本周新增漏洞记录64条,其中高危漏洞数量30条,中危漏洞数量12条,低危漏洞数量22条。
apache http server 内存破坏漏洞(cve-2017-9788)
危险等级:高
bid:99569
cve编号:cve-2017-9788
heimdal 中间人安全限制绕过漏洞(cve-2017-11103)
bid:99551
cve编号:cve-2017-11103
apache openmeetings 拒绝服务漏洞(cve-2017-7684)
危险等级:中
bid:99584
cve编号:cve-2017-7684
apache openmeetings 安全限制绕过漏洞(cve-2017-7673)
bid:99587
cve编号:cve-2017-7673
apache openmeetings 安全限制绕过漏洞(cve-2017-7688)
bid:99586
cve编号:cve-2017-7688
ge communicator堆缓冲区溢出漏洞(cve-2017-7908)
bid:99580
cve编号:cve-2017-7908
cisco webex browser extension 远程代码执行漏洞(cve-2017-6753)
bid:99614
cve编号:cve-2017-6753
apache struts spring aop 拒绝服务漏洞(cve-2017-9787)
bid:99562
cve编号:cve-2017-9787
qemu 拒绝服务漏洞(cve-2017-8112)
危险等级:低
bid:98015
cve编号:cve-2017-8112
qemu 堆缓冲区溢出漏洞(cve-2017-9603)
bid:96893
cve编号:cve-2017-9603
qemu 拒绝服务漏洞(cve-2017-8086)
bid:98012
cve编号:cve-2017-8086
qemu ‘hw/9pfs/9p-local.c’权限提升漏洞(cve-2017-7471)
bid:97970
cve编号:cve-2017-7471
qemu 拒绝服务漏洞(cve-2017-8309)
bid:98302
cve编号:cve-2017-8309
qemu ‘hw/usb/hcd-xhci.c’拒绝服务漏洞(cve-2017-5973)
bid:96220
cve编号:cve-2017-5973
qemu 权限提升漏洞(cve-2016-9602)
bid:95461
cve编号:cve-2016-9602
qemu 拒绝服务漏洞(cve-2017-5579)
bid:95780
cve编号:cve-2017-5579
oracle java se安全漏洞(cve-2017-10102)
bid:99712
cve编号:cve-2017-10102
oracle java se远程安全漏洞(cve-2017-10096)
bid:99670
cve编号:cve-2017-10096
oracle bi publisher 远程安全漏洞(cve-2017-10041)
bid:99742
cve编号:cve-2017-10041
oracle database server 远程安全漏洞(cve-2017-10202)
bid:99865
cve编号:cve-2017-10202
oracle database server 本地安全漏洞(cve-2017-10120)
bid:99867
cve编号:cve-2017-10120
oracle webcenter content 远程安全漏洞(cve-2017-10075)
bid:99807
cve编号:cve-2017-10075
oracle webcenter content 远程安全漏洞(cve-2017-10040)
bid:99801
cve编号:cve-2017-10040
oracle outside in technology 远程安全漏洞(cve-2017-10196)
bid:99794
cve编号:cve-2017-10196
oracle outside in technology 远程安全漏洞(cve-2017-10141)
bid:99785
cve编号:cve-2017-10141
oracle bi publisher 远程安全漏洞(cve-2017-10035)
bid:99741
cve编号:cve-2017-10035
oracle enterprise repository远程安全漏洞(cve-2017-10048)
bid:99771
cve编号:cve-2017-10048
oracle bi publisher 远程安全漏洞(cve-2017-10030)
bid:99740
cve编号:cve-2017-10030
oracle bi publisher 远程安全漏洞(cve-2017-10029)
bid:99738
cve编号:cve-2017-10029
oracle bi publisher 远程安全漏洞(cve-2017-10028)
bid:99724
cve编号:cve-2017-10028
oracle bi publisher 远程安全漏洞(cve-2017-10024)
bid:99723
cve编号:cve-2017-10024
oracle bi publisher 远程安全漏洞(cve-2017-10156)
bid:99682
cve编号:cve-2017-10156
oracle bi publisher 远程安全漏洞(cve-2017-10043)
bid:99696
cve编号:cve-2017-10043
oracle weblogic server 远程安全漏洞(cve-2017-10147)
bid:99651
cve编号:cve-2017-10147
oracle bi publisher 远程安全漏洞(cve-2017-10025)
bid:99697
cve编号:cve-2017-10025
oracle flexcube universal banking远程安全漏洞(cve-2017-10071)
bid:99866
cve编号:cve-2017-10071
oracle flexcube private banking远程安全漏洞(cve-2017-10022)
bid:99864
cve编号:cve-2017-10022
oracle weblogic server 远程安全漏洞(cve-2017-10137)
bid:99634
cve编号:cve-2017-10137
d-link dir-615 未授权访问漏洞(cve-2017-11436)
cve编号:cve-2017-11436
imagemagick coders/jpeg.c拒绝服务漏洞(cve-2017-11450)
cve编号:cve-2017-11450
imagemagick readjpegimage 敏感信息泄露漏洞(cve-2017-11448)
cve编号:cve-2017-11448
imagemagick readscreenshotimage 拒绝服务漏洞(cve-2017-11447)
cve编号:cve-2017-11447
imagemagick readpesimage 拒绝服务漏洞(cve-2017-11446)
cve编号:cve-2017-11446
cisco asyncos software命令注入漏洞(cve-2017-6746)
bid:99877
cve编号:cve-2017-6746
oracle java se远程安全漏洞(cve-2017-10114)
bid:99726
cve编号:cve-2017-10114
oracle java se远程安全漏洞(cve-2017-10074)
bid:99731
cve编号:cve-2017-10074
oracle java se/jrockit 远程安全漏洞(cve-2017-10116)
bid:99734
cve编号:cve-2017-10116
schneider electric powerscada anywhere/citect anywhere证书过期验证漏洞(cve-2017-7971)
cve编号:cve-2017-7971
schneider electric powerscada anywhere/citect anywhere安全漏洞(cve-2017-7972)
cve编号:cve-2017-7972
schneider electric powerscada anywhere/citect anywhere跨站请求伪造漏洞(cve-2017-7969)
cve编号:cve-2017-7969
schneider electric powerscada anywhere/citect anywhere信息泄露漏洞(cve-2017-7970)
cve编号:cve-2017-7970
oracle java se/jrockit 远程安全漏洞(cve-2017-10115)
bid:99774
cve编号:cve-2017-10115
oracle java se远程安全漏洞(cve-2017-10078)
bid:99752
cve编号:cve-2017-10078
oracle java se远程安全漏洞(cve-2017-10067)
bid:99756
cve编号:cve-2017-10067
oracle java se/jrockit 远程安全漏洞(cve-2017-10081)
bid:99853
cve编号:cve-2017-10081
oracle java se/jrockit 远程安全漏洞(cve-2017-10193)
bid:99854
cve编号:cve-2017-10193
oracle java se/jrockit 远程安全漏洞(cve-2017-10108)
bid:99846
cve编号:cve-2017-10108
oracle java se/jrockit 远程安全漏洞(cve-2017-10109)
bid:99847
cve编号:cve-2017-10109
oracle java se/jrockit 远程安全漏洞(cve-2017-10053)
bid:99842
cve编号:cve-2017-10053
oracle java se/jrockit 远程安全漏洞(cve-2017-10135)
bid:99839
cve编号:cve-2017-10135
oracle java se/jrockit 远程安全漏洞(cve-2017-10243)
bid:99827
cve编号:cve-2017-10243
oracle java se/jrockit 远程安全漏洞(cve-2017-10198)
bid:99818
cve编号:cve-2017-10198
oracle java se/jrockit 远程安全漏洞(cve-2017-10176)
bid:99788
cve编号:cve-2017-10176
oracle java se/jrockit 远程安全漏洞(cve-2017-10118)
bid:99782
cve编号:cve-2017-10118
原文发布时间:2017年7月24日
本文由:绿盟科技发布,版权归属于原作者
原文链接:http://toutiao.secjia.com/nsfocus-internet-security-threats-weekly-201729
本文来自云栖社区合作伙伴安全加,了解相关信息可以关注安全加网站