by CIRT Team
Exim Releases Security Patches
Description: Exim has released patches to address vulnerabilities affecting Exim 4.92.1 and prior versions. A remote attacker could exploit this vulnerability to take control of an affected email server. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://exim.org/static/doc/security/CVE-2019-15846.txt https://kb.cert.org/vuls/id/672565/
by CIRT Team
Cisco Releases Security Updates for Multiple Products
Description: Cisco has released security updates to address a vulnerability in Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190710-asa-ftd-dos
by CIRT Team
Atlassian Releases Security Updates for Jira
Description: Atlassian has released security updates to address a vulnerability affecting Jira Server and Jira Data Center. A remote attacker could exploit this vulnerability to take control of an affected system. Paragraph Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://confluence.atlassian.com/jira/jira-security-advisory-2019-07-10-973486595.html https://cyber.gc.ca/en/alerts/atlassian-confluence-security-advisory
by CIRT Team
DNS Infrastructure Hijacking Campaign
Summary The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an...
Read More
by CIRT Team
Multiple Vulnerabilities Affecting Linux, FreeBSD Kernels
Description: The CERT Coordination Center (CERT/CC) has released information on TCP networking vulnerabilities affecting Linux and FreeBSD kernels. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.kb.cert.org/vuls/id/905115/
by CIRT Team
Apple Releases Security Updates for AirPort 802.11n Wi-Fi Base Stations
Description: Apple has released security updates to address vulnerabilities in AirPort Express, AirPort Extreme, and AirPort Time Capsule wireless routers with 802.11n. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for...
Read More
by CIRT Team
Dell Releases Security Advisory for Dell SupportAssist
Description: Dell has released a security advisory to address a vulnerability in Dell SupportAssist software. An attacker could exploit this vulnerability to access sensitive information. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.dell.com/support/article/us/en/04/sln317291/dsa-2019-084-dell-supportassist-for-business-pcs-and-dell-supportassist-for-home-pcs-security-update-for-pc-doctor-vulnerability?lang=en
by CIRT Team
Mozilla Releases Security Updates for Firefox and Firefox ESR
Description: Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more...
Read More
by CIRT Team
Exim Releases Security Patches
Description: Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability was detected in exploits in the wild. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more...
Read More
by CIRT Team
Intel Releases Security Updates, Mitigations for Multiple Products
Description: Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to gain an escalation of privileges on a previously infected machine. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates: NUC Firmware Advisory INTEL-SA-00264 RAID Web Console 3 for Windows Advisory INTEL-SA-00259...
Read More
