Home Tags Denial Of Service

Tag: Denial Of Service

Researchers claim China trying to hack South Korea missile defense efforts

Deployment of THAAD upsets China, seen as espionage tool.

Cisco Unified Communications Manager Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) cond...

VU#307983: Action Message Format (AMF3) Java implementations are vulnerable to insecure...

Several Java implementations of AMF3 are vulnerable to insecure deserialization and XML external entities references.

VU#507496: GIGABYTE BRIX UEFI firmware fails to implement write protection and...

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 and GB-BXi7-5775 platforms,versions vF6 and vF2 respectively,fails to properly set the BIOSWE,BLE,SMM_BWP,and PRx bits to enforce write protection. It also is not cryptographically signed. These issues may permit an attacker to write arbitrary code to the platform firmware,potentially allowing for persistent firmware level rootkits or the creation of a permanent denial of service condition in the platform.

Dormant Linux kernel vulnerability finally slayed

Just, er, eight years later A recently resolved vulnerability in the Linux kernel that had the potential to allow an attacker to gain privilege escalation or cause denial of service went undiscovered for seven years.…

VU#355151: ACTi cameras models from the D, B, I, and E...

According to the reporter,ACTi devices including D,B,I,and E series models using firmware version A1D-500-V6.11.31-AC are vulnerable to several issues.

Today’s leading causes of DDoS attacks

Distributed denial of service attacks are growing ever bigger. Here's what's causing them.

VU#614751: Hughes satellite modems contain multiple vulnerabilities

Several models of Hughes high-performance broadband satellite modems are potentially vulnerable to several issues if not appropriately configured.

VU#867968: Microsoft Windows SMB Tree Connect Response denial of service vulnerability

Microsoft Windows contains a memory corruption bug in the handling of SMB traffic,which may allow a remote,unauthenticated attacker to cause a denial of service on a vulnerable system.

DDoS attacks in Q4 2016

2016 was the year of Distributed Denial of Service (DDoS) with major disruptions in terms of technology, attack scale and impact on our daily life.
In fact, the year ended with massive DDoS attacks unseen before, leveraging Mirai botnet technology.

Cisco Industrial Ethernet 2000 Series Switches CIP Denial of Service Vulnerability

A vulnerability in the implementation of Common Industrial Protocol (CIP) functionality in Cisco Industrial Ethernet 2000 Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) ...

Boffins break Samsung Galaxies with one SMS carrying WAP crap

S4 and S5 A single TXT message is enough to cause Samsung S5 and S4 handsets to return to factory settings, likely wiping users' data along the way.

And because the attack exploits Android's innards, other vendors' handsets are at risk. The vulnerabilities, thankfully patched by Samsung, means attackers can send WAP configuration messages that will be blindly applied by the affected devices once received without the need to click on links. Attacks that send affected devices into boot loops can also be reversed and set to stable by a good configuration SMS, opening avenues for ransomware attacks, Contextis hackers Tom Court (@tomcourt_uk) and Neil Biggs say. Newer Samsung Galaxy S6 and S7 models will not blindly accept the messages sent over the 17 year-old protocol. The pair of researchers have penned a three part series explaining the attack surface of Android SMS and the WAP suite. Court and Biggs combined two bugs to produce the denial of service attack that forces unpatched and non-rooted phones to factory reset. Users of rooted Samsung devices can enter the adb settings to delete the malicious configuration file default_ap.conf. "The complexity of exploiting an Android device in recent years has escalated to the point that more often than not a chain of bugs is required to achieve the desired effect," Court and Biggs say. "This case is no different and we have shown here that it took two bugs to produce a viable attack vector, combined with some in-depth knowledge of the bespoke message format." The pair explain the attack in detail here finding that no authentication is used to protect OMA CP text messages. They also found a remote code execution on vulnerability on Samsung devices on the S5 and below, detailed in the following CVEs: CVE-2016-7988 – No Permissions on SET_WIFI Broadcast receiver CVE-2016-7989 – Unhandled ArrayIndexOutOfBounds exception in Android Runtime CVE-2016-7990 – Integer overflow in libomacp.so CVE-2016-7991 – omacp app ignores security fields in OMA CP message "Given the reversible nature of this attack, it does not require much imagination to construct a potential ransomware scenario for these bugs," the pair say. "Samsung have now released a security update that addresses these among other vulnerabilities and, as is our usual advice, it is recommended that users prioritise the installation of these updates." They left discovery of how the bugs apply to other phones as an exercise for other hackers. Vulnerabilities were reported to Samsung in June, fixed in August, and patched on 7 November with disclosure made overnight. ® Sponsored: Customer Identity and Access Management