News & Updates

The Drupal development team has patched several vulnerabilities in versions 7 and 8 of the popular CMS, including RCE flaws.

The development team of the Drupal content management system addressed several vulnerabilities in versions 7 and 8, including some flaws that could be exploited for remote code execution.

The Drupal team fixed a critical vulnerability in the Contextual Links module, which fails to properly validate requested contextual links. The flaw could be exploited for remote code execution by an attacker holding an account with the “access contextual links” permission.

“The Contextual Links module doesn’t sufficiently validate the requested contextual links.” reads the security advisory.
“This vulnerability is mitigated by the fact that an attacker must have a role with the permission “access contextual links”.”

Another critical vulnerability fixed by the development team is an injection issue that resides in the DefaultMailSystem::mail() function. The root cause of the bug is the lack of sanitization of some variables for shell arguments when sending emails.

“When sending email some variables were not being sanitized for shell arguments, which could lead to remote code execution.” continues the advisory.
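The advisory's root cause (variables interpolated into a shell command without being sanitized for shell arguments) is a generic pattern, not specific to Drupal. The following added example, written for this page and not taken from Drupal's own code, contrasts the defective pattern with two fixes: quoting each argument with `shlex.quote`, and, better, never handing the command to a shell at all. The sendmail path, the `-f` flag and the two sender strings are constructed sample values, and no process is actually started.

```python
import re
import shlex

# Constructed sample inputs (not from the advisory): a normal sender address and
# one carrying shell metacharacters, the kind of value the mail layer must treat
# as a single opaque argument.
BENIGN_SENDER = "alice@example.org"
HOSTILE_SENDER = "a@example.org;echo INJECTED"

SENDMAIL = "/usr/sbin/sendmail"  # assumed path, for illustration only


def shell_tokens(command_line: str) -> list[str]:
    """Tokenize a command line the way a POSIX shell would, with ; | & ( ) < >
    reported as separate control tokens, so we can see how many commands the
    shell would actually run (no command is executed here)."""
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True  # needs Python 3.8+ together with punctuation_chars
    return list(lexer)


def unsafe_command_line(sender: str) -> str:
    """The defective pattern: untrusted data spliced straight into a shell string."""
    return f"{SENDMAIL} -t -i -f {sender}"


def safe_command_line(sender: str) -> str:
    """Fix 1: quote every interpolated value so the shell sees one argument."""
    return f"{SENDMAIL} -t -i -f {shlex.quote(sender)}"


def build_argv(sender: str) -> list[str]:
    """Fix 2 (preferred): build an argv list and run it with shell=False, so no
    shell ever parses the value; e.g. subprocess.run(build_argv(sender))."""
    return [SENDMAIL, "-t", "-i", "-f", sender]


_ADDRESS = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def is_plausible_address(sender: str) -> bool:
    """Defence in depth: an allow-list on the value itself, applied before it
    reaches any command construction at all."""
    return _ADDRESS.fullmatch(sender) is not None


if __name__ == "__main__":
    for label, builder in (("unsafe", unsafe_command_line), ("quoted", safe_command_line)):
        print(f"{label:>6}: {shell_tokens(builder(HOSTILE_SENDER))}")
    print("argv  :", build_argv(HOSTILE_SENDER))
    print("allowed:", is_plausible_address(BENIGN_SENDER), is_plausible_address(HOSTILE_SENDER))
```

Running the block shows the unquoted line splitting into two commands (`sendmail ...` then `echo INJECTED`), while the quoted line and the argv form both keep the whole sender as a single `-f` argument.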

The remaining vulnerabilities addressed in the CMS have been rated “moderately critical”; they include a couple of open redirect bugs and an access bypass issue related to content moderation.

The vulnerabilities have been addressed with the release of Drupal 7.60, 8.6.2 and 8.5.8.

The Drupal team urges users to install the security updates as soon as possible: there is a concrete risk that threat actors will start exploiting these flaws in large-scale hacking campaigns.


Pierluigi Paganini

(Security Affairs – Drupal, hacking)


The post Drupal dev team fixed Remote Code Execution flaws in the popular CMS appeared first on Security Affairs.

Source: Security affairs

ESA

One might think it’s a relatively easy thing to reach Mercury, the innermost planet in the Solar System. At its closest approach, Mercury is just 77 million kilometers from Earth, or not all that much further than the closest that Earth comes to Mars. The Earth-Mars transit typically only takes about six months.

However, the Sun’s enormous gravity makes putting a spacecraft into orbit around Mercury quite difficult. How much gravity are we talking about? The g-force at the surface of the Earth is 9.8 meters per second. By comparison, the Sun’s gravity is nearly 30 times greater, at 274 m/s.


Source: http://feeds.arstechnica.com/arstechnica/index/

Security researchers have discovered a serious code execution vulnerability in the LIVE555 Streaming Media library—which is being used by popular media players including VLC and MPlayer, along with a number of embedded devices capable of streaming media.

LIVE555 streaming media, developed and maintained by Live Networks, is a set of C++ libraries companies and application developers use to


Source: http://feeds.feedburner.com/TheHackersNews

Tesla quietly drops “full self-driving” option as it adds $45,000 Model 3


Elon Musk took to Twitter (where else, right?) on Thursday evening to inform his followers of a new addition to the Model 3 lineup. This is not the long-awaited $35,000 version, however; the mid-range Model 3 starts at $45,000. Musk also revealed that the Model 3 ordering process has been simplified and now has fewer options. One that’s missing—from all new Tesla orders, not just the Model 3—is the controversial “full self-driving” option. The reason? It was “causing too much confusion,” Musk tweeted.

The mid-range Model 3s will be rear-wheel drive only, prompting some to wonder if the company was using software to limit battery capacity on existing RWD inventory in order to get it out of the door. But Tesla says it’s able to build these slightly cheaper cars by using the same battery pack as the more expensive, longer-range cars but with fewer cells inside.

However, Tesla is promoting the car as costing as little as $30,700 by factoring in “gas savings” and all possible federal and local electric vehicle tax incentives (but not the destination charge). That it did so is a little surprising; just seven days ago Tesla said that it could not guarantee any order received after October 15th would ship before the beginning of next year. Any new Tesla delivered after January 1st 2019 (but before July 1st 2019) is only eligible for a $3,750 IRS credit. Tesla says delivery for the new mid-range Model 3 should take six to 10 weeks.


Source: http://feeds.arstechnica.com/arstechnica/index/

Vivaldi

The Web browser is likely the most important piece of software on your hardware, whatever that hardware may be. In fact, whenever a new bit of hardware arrives that somehow lacks a way to browse the Web, invariably one of the first things enthusiasts will do is figure out a way to run a browser on it.

Despite their ubiquity, though, there remains very little difference between common Web browsers. Most people seem to get by with whatever was installed by default, and no wonder. Modern browsers like Edge, Internet Explorer, Firefox, Chrome, Safari, and Opera are largely indistinguishable both in appearance and features—why bother with one over the other?


Source: http://feeds.arstechnica.com/arstechnica/index/

Splunk recently addressed several vulnerabilities in its Enterprise and Light products, some of which have been rated “high severity.”

Splunk Enterprise solution allows organizations to aggregate, search, analyze, and visualize data from various sources that are critical to business operations.

Splunk Light is a comprehensive solution for small IT environments that automates log analysis and integrates server and network monitoring.

“To mitigate these issues, Splunk recommends upgrading to the latest release and applying as many of the Hardening Standards from the Securing Splunk documentation as are relevant to your environment. Splunk Enterprise and Splunk Light releases are cumulative, meaning that future releases will contain fixes to these vulnerabilities, new features and other bug fixes,” reads the advisory published by Splunk.

The most severe issue fixed by the company is a high severity cross-site scripting (XSS) flaw in the Web interface, tracked as CVE-2018-7427, which received a CVSS score of 8.1.

Another severe vulnerability is a DoS flaw, tracked as CVE-2018-7432, that could be exploited using malicious HTTP requests sent to Splunkd, the system process that handles indexing, searching and forwarding. The company rated this issue “medium severity.”

The company also addressed a denial-of-service (DoS) vulnerability, tracked as CVE-2018-7429, that could be exploited by an attacker by sending a specially crafted HTTP request to Splunkd.

The last flaw addressed by the vendor, tracked as CVE-2018-7431, is a path traversal issue that allows an authenticated attacker to download arbitrary files from the Splunk Django app. The vulnerability has been rated “medium severity.”

The affected versions are listed below:

  • Cross Site Scripting in Splunk Web (CVE-2018-7427)
      • Affected Product Versions: Splunk Enterprise versions 6.5.x before 6.5.3, 6.4.x before 6.4.7, 6.3.x before 6.3.10, 6.2.x before 6.2.14, 6.1.x before 6.1.13, 6.0.x before 6.0.14 and Splunk Light before 6.6.0
      • Affected Components: All Splunk Enterprise components running Splunk Web.
  • Denial of Service (CVE-2018-7432)
      • Affected Product Versions: Splunk Enterprise versions 6.5.x before 6.5.3, 6.4.x before 6.4.7, 6.3.x before 6.3.10, 6.2.x before 6.2.14 and Splunk Light before 6.6.0
      • Affected Components: All Splunk Enterprise components running Splunk Web.
  • Path Traversal Vulnerability in Splunk Django App (CVE-2018-7431)
      • Affected Product Versions: Splunk Enterprise versions 6.5.x before 6.5.3, 6.4.x before 6.4.6, 6.3.x before 6.3.10, 6.2.x before 6.2.14, 6.1.x before 6.1.13, 6.0.x before 6.0.14 and Splunk Light before 6.6.0
      • Affected Components: All Splunk Enterprise components running Splunk Web.
  • Splunkd Denial of Service via Malformed HTTP Request (CVE-2018-7429)
      • Affected Product Versions: Splunk Enterprise versions 6.4.x before 6.4.8, 6.3.x before 6.3.11, 6.2.x before 6.2.14 and Splunk Light before 6.5.0
      • Affected Components: All Splunk Enterprise components running Splunk Web.

The vendor declared it has found no evidence that these vulnerabilities have been exploited in attacks in the wild.
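Because each CVE has a different first-fixed release per 6.x branch, checking an installed base by hand is error-prone. The following added example (written for this page, not Splunk's own tooling) transcribes the affected ranges from the list above into a small triage function that, given a product and version, returns the CVEs that still apply. The hostnames and versions in the inventory are constructed sample data; "x.y.z before x.y.w" is read as "any x.y release strictly older than x.y.w", and branches the advisory does not mention (for example Enterprise 6.6.x) are reported as unaffected.

```python
# First fixed release per Enterprise branch, transcribed from the advisory list
# above (branch "6.4" -> fixed in "6.4.7" means 6.4.0 .. 6.4.6 are affected).
ENTERPRISE_FIXES = {
    "CVE-2018-7427": {"6.5": "6.5.3", "6.4": "6.4.7", "6.3": "6.3.10",
                      "6.2": "6.2.14", "6.1": "6.1.13", "6.0": "6.0.14"},
    "CVE-2018-7432": {"6.5": "6.5.3", "6.4": "6.4.7", "6.3": "6.3.10",
                      "6.2": "6.2.14"},
    "CVE-2018-7431": {"6.5": "6.5.3", "6.4": "6.4.6", "6.3": "6.3.10",
                      "6.2": "6.2.14", "6.1": "6.1.13", "6.0": "6.0.14"},
    "CVE-2018-7429": {"6.4": "6.4.8", "6.3": "6.3.11", "6.2": "6.2.14"},
}

# Splunk Light is given as a single "before" bound per CVE.
LIGHT_FIXES = {
    "CVE-2018-7427": "6.6.0",
    "CVE-2018-7432": "6.6.0",
    "CVE-2018-7431": "6.6.0",
    "CVE-2018-7429": "6.5.0",
}


def parse_version(text: str) -> tuple[int, ...]:
    """'6.4.10' -> (6, 4, 10); tuples compare numerically, so 6.4.10 > 6.4.7."""
    return tuple(int(part) for part in text.strip().split("."))


def affected_cves(product: str, version: str) -> list[str]:
    """Return the CVEs from the advisory that apply to this product/version."""
    ver = parse_version(version)
    if len(ver) < 3:
        raise ValueError(f"expected at least major.minor.patch, got {version!r}")
    hits = []
    if product == "enterprise":
        branch = f"{ver[0]}.{ver[1]}"
        for cve, fixes in ENTERPRISE_FIXES.items():
            fixed = fixes.get(branch)  # None: branch not listed as affected
            if fixed is not None and ver < parse_version(fixed):
                hits.append(cve)
    elif product == "light":
        for cve, fixed in LIGHT_FIXES.items():
            if ver < parse_version(fixed):
                hits.append(cve)
    else:
        raise ValueError(f"unknown product {product!r}")
    return hits


def triage(inventory: dict[str, tuple[str, str]]) -> dict[str, list[str]]:
    """Map host -> applicable CVEs for an inventory of (product, version)."""
    return {host: affected_cves(product, version)
            for host, (product, version) in inventory.items()}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "idx01": ("enterprise", "6.4.6"),
    "idx02": ("enterprise", "6.1.12"),
    "sh01": ("enterprise", "6.5.3"),
    "light01": ("light", "6.5.2"),
}

if __name__ == "__main__":
    for host, cves in triage(SAMPLE_INVENTORY).items():
        print(f"{host:8} {', '.join(cves) or 'not affected'}")
```

Note that 6.4.6 is on the wrong side of the CVE-2018-7427 and CVE-2018-7429 bounds but exactly on the fixed release for CVE-2018-7431, which is why the three CVEs reported for it differ from a naive "anything on 6.4" rule.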


Pierluigi Paganini

(Security Affairs – XSS, hacking)


The post Splunk addressed several vulnerabilities in Enterprise and Light products appeared first on Security Affairs.

Source: Security affairs

Kyocera

With Apple and most Android OEMs making increasingly large phones while Apple discontinues the small iPhone SE, it’s pretty clear where the smartphone market is going—at least for the near term. But that doesn’t mean there aren’t some companies bucking the trend by going smaller, not bigger. Earlier this week, we heard that Palm’s brand is rebooting with a very small phone that’s not meant to be your main portable computing device. But this phone from Kyocera is even smaller.

The Japanese company has been producing unusual phone designs off and on for years, like a Nintendo DS-like dual-screen handset in the early Android days. The latest experiment is the KY-O1L, a phone that would likely fit in one of the credit card slots in your wallet or purse. We said the Palm phone was “about the size of a credit card,” and that was true—except in depth. This phone is a little closer to that goalpost in depth. Unfortunately, it’s only being released in Japan—but it’s an interesting concept to see even if you’re not in that region.


Source: http://feeds.arstechnica.com/arstechnica/index/

The Rocket Report is published weekly. (credit: Arianespace/Aurich Lawson)

Welcome to Edition 1.22 of the Rocket Report! We have plenty to discuss this week, from Paul Allen’s untimely passing to the Atlas V rocket’s success as well as why SpaceX remains in Los Angeles despite California’s high taxes and regulations. We also have a fun story about a Titan II missile silo for sale.

As always, we welcome reader submissions, and if you don’t want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets as well as a quick look ahead at the next three launches on the calendar.

Rocket Lab takes steps toward high launch cadence. It may have been nine months since Rocket Lab launched its Electron booster, but the company is growing both in people and facilities. The New Zealand Herald reports that Rocket Lab’s staff has nearly doubled, to 330, in the past year, with around 200 in New Zealand and the remainder in the United States. The company plans to hire another 180 employees over the next year.


Source: http://feeds.arstechnica.com/arstechnica/index/

By Waqas

Another day, another court order against The Pirate Bay (TPB). This time, the Patent and Market Court of Sweden has ordered the telephone company and mobile network operator Telia to block The Pirate Bay and other torrenting websites including NyaFilmer, FMovies, and Dreamfilm in the country. According to TorrentFreak, the interim order came after a complaint filed by a […]

This is a post from HackRead.com. Read the original post: Swedish court tells ISP to block The Pirate Bay in the country

Source: https://www.hackread.com/feed/

A security researcher has discovered several critical vulnerabilities in one of the most popular embedded real-time operating systems—called FreeRTOS—and its other variants, exposing a wide range of IoT devices and critical infrastructure systems to hackers.

What is FreeRTOS (Amazon, WHIS OpenRTOS, SafeRTOS)?

FreeRTOS is a leading open source real-time operating system (RTOS) for embedded


Source: http://feeds.feedburner.com/TheHackersNews