VMWare Security Advisory on DoS Vulnerability in ESXi

Published: 2019-07-09. Last Updated: 2019-07-09 21:17:16 UTC
by John Bambenek (Version: 1)
0 comment(s)

VMWare has released patches for ESXi that address a denial of service vulnerablility in hostd. ESXi 6.0 is unaffected, 6.5 has a patch, and 6.7 has a patch pending. This addresses a vulnerability described in CVE-2019-5528 and is rated important (CVSSv3 = 5.3). A workaround has also been published. If you run ESXi, you should take a look at this as well today.

 

--
John Bambenek
bambenek \at\ gmail /dot/ com
ThreatSTOP

Keywords:
0 comment(s)

MSFT July 2019 Patch Tuesday

Published: 2019-07-09. Last Updated: 2019-07-09 18:45:11 UTC
by John Bambenek (Version: 1)
1 comment(s)

July 2019 Security Updates

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
.NET Denial of Service Vulnerability
CVE-2019-1083 No No Less Likely Less Likely Important    
.NET Framework Remote Code Execution Vulnerability
CVE-2019-1113 No No More Likely More Likely Critical    
ADFS Security Feature Bypass Vulnerability
CVE-2019-0975 No No Less Likely Less Likely Important 4.3 3.9
CVE-2019-1126 No No Less Likely Less Likely Important 5.3 4.8
ASP.NET Core Spoofing Vulnerability
CVE-2019-1075 No No Less Likely Less Likely Moderate    
Azure Automation Elevation of Privilege Vulnerability
CVE-2019-0962 Yes No Less Likely Less Likely Important    
Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
CVE-2019-1072 No No Less Likely Less Likely Critical    
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2019-1062 No No - - Critical 4.2 3.8
CVE-2019-1092 No No - - Critical 4.2 3.8
CVE-2019-1103 No No - - Critical 4.2 3.8
CVE-2019-1106 No No - - Critical 4.2 3.8
CVE-2019-1107 No No - - Critical 4.2 3.8
DirectWrite Information Disclosure Vulnerability
CVE-2019-1093 No No Less Likely Less Likely Important 5.5 5.0
CVE-2019-1097 No No Less Likely Less Likely Important 5.5 5.0
DirectWrite Remote Code Execution Vulnerability
CVE-2019-1117 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1118 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1119 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1120 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1121 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1122 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1123 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1124 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1127 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1128 No No Less Likely Less Likely Important 7.8 7.0
DirectX Elevation of Privilege Vulnerability
CVE-2019-0999 No No - - Important 7.8 7.0
Docker Elevation of Privilege Vulnerability
CVE-2018-15664 Yes No Less Likely Less Likely Important    
GDI+ Remote Code Execution Vulnerability
CVE-2019-1102 No No Less Likely Less Likely Critical 8.4 7.6
Internet Explorer Memory Corruption Vulnerability
CVE-2019-1063 No No More Likely More Likely Critical 6.4 5.8
Latest Servicing Stack Updates
ADV990001 No No - - Critical    
Microsoft Browser Memory Corruption Vulnerability
CVE-2019-1104 No No More Likely More Likely Critical 6.4 5.8
Microsoft Excel Information Disclosure Vulnerability
CVE-2019-1112 No No More Likely More Likely Important    
Microsoft Excel Remote Code Execution Vulnerability
CVE-2019-1110 No No Less Likely Less Likely Important    
CVE-2019-1111 No No Less Likely Less Likely Important    
Microsoft Exchange Information Disclosure Vulnerability
CVE-2019-1084 No No Less Likely Less Likely Important    
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2019-1136 No No Less Likely Less Likely Important    
Microsoft Exchange Server Spoofing Vulnerability
CVE-2019-1137 No No Less Likely Less Likely Important    
Microsoft Office SharePoint XSS Vulnerability
CVE-2019-1134 No No Less Likely Less Likely Important    
Microsoft Office Spoofing Vulnerability
CVE-2019-1109 No No Less Likely Less Likely Important    
Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2019-1068 Yes No Less Likely Less Likely Important    
Microsoft Windows Elevation of Privilege Vulnerability
CVE-2019-1074 No No More Likely More Likely Important 5.3 5.3
CVE-2019-1082 No No - - Important 7.7 7.7
Microsoft splwow64 Elevation of Privilege Vulnerability
CVE-2019-0880 No Yes Detected More Likely Important 7.0 6.3
Microsoft unistore.dll Information Disclosure Vulnerability
CVE-2019-1091 No No Less Likely Less Likely Important 5.5 5.0
Outlook on the web Cross-Site Scripting Vulnerability
ADV190021 No No - - Important    
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2019-1108 No No More Likely More Likely Important 6.5 5.9
Remote Desktop Services Remote Code Execution Vulnerability
CVE-2019-0887 Yes No More Likely More Likely Important 8.0 7.2
Scripting Engine Memory Corruption Vulnerability
CVE-2019-1056 No No - - Critical 6.4 5.8
CVE-2019-1059 No No Less Likely Less Likely Critical 6.4 5.8
CVE-2019-1001 No No More Likely More Likely Critical 6.4 5.8
CVE-2019-1004 No No More Likely More Likely Critical 6.4 5.8
SymCrypt Denial of Service Vulnerability
CVE-2019-0865 Yes No Less Likely Less Likely Important 7.5 6.7
Team Foundation Server Cross-site Scripting Vulnerability
CVE-2019-1076 No No Less Likely Less Likely Important    
Visual Studio Elevation of Privilege Vulnerability
CVE-2019-1077 No No Less Likely Less Likely Important    
Visual Studio Information Disclosure Vulnerability
CVE-2019-1079 No No Less Likely Less Likely Important    
WCF/WIF SAML Token Authentication Bypass Vulnerability
CVE-2019-1006 No No Less Likely Less Likely Important    
Win32k Elevation of Privilege Vulnerability
CVE-2019-1132 No Yes - - Important 7.8 7.2
Win32k Information Disclosure Vulnerability
CVE-2019-1096 No No Less Likely Less Likely Important 5.5 5.0
Windows Audio Service Elevation of Privilege Vulnerability
CVE-2019-1086 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1087 No No Less Likely Less Likely Important 7.8 7.0
CVE-2019-1088 No No Less Likely Less Likely Important 7.8 7.0
Windows DHCP Server Remote Code Execution Vulnerability
CVE-2019-0785 No No Less Likely Less Likely Critical 9.8 8.8
Windows DNS Server Denial of Service Vulnerability
CVE-2019-0811 No No Less Likely Less Likely Important 7.5 6.7
Windows Elevation of Privilege Vulnerability
CVE-2019-1129 Yes No More Likely More Likely Important 7.8 7.0
CVE-2019-1130 No No Less Likely Less Likely Important 7.8 7.0
Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2019-1037 No No Less Likely Less Likely Important 7.0 6.3
Windows GDI Information Disclosure Vulnerability
CVE-2019-1094 No No Less Likely Less Likely Important 5.5 5.0
CVE-2019-1095 No No Less Likely Less Likely Important 5.5 5.0
CVE-2019-1098 No No - - Important 5.5 5.0
CVE-2019-1099 No No - - Important 5.5 5.0
CVE-2019-1100 No No - - Important 5.5 5.0
CVE-2019-1101 No No - - Important 5.5 5.0
CVE-2019-1116 No No - - Important 5.5 5.0
Windows Hyper-V Denial of Service Vulnerability
CVE-2019-0966 No No Less Likely Less Likely Important 6.8 6.1
Windows Kernel Elevation of Privilege Vulnerability
CVE-2019-1067 No No More Likely More Likely Important 7.8 7.0
Windows Kernel Information Disclosure Vulnerability
CVE-2019-1071 No No More Likely More Likely Important 5.5 5.0
CVE-2019-1073 No No More Likely More Likely Important 5.5 5.0
Windows RPCSS Elevation of Privilege Vulnerability
CVE-2019-1089 No No More Likely More Likely Important 7.8 7.0
Windows WLAN Service Elevation of Privilege Vulnerability
CVE-2019-1085 No No Less Likely Less Likely Important 7.8 7.0
Windows dnsrlvr.dll Elevation of Privilege Vulnerability
CVE-2019-1090 No No Less Likely Less Likely Important 7.8 7.0

 

--
John Bambenek
bambenek \at\ gmail /dot/ com
ThreatSTOP

1 comment(s)

Solving the WHOIS and Privacy Problem: A Draft of Implementing WHOIS in DNS

Published: 2019-07-09. Last Updated: 2019-07-09 15:02:58 UTC
by John Bambenek (Version: 1)
0 comment(s)

Recently, due to GDPR, WHOIS records for domains have been redacted in many places and access to the information that has been relied on by investigators and abuse fighters is either much harder to get or simply unavailable. In theory, ICANN should be setting up a gated system that will give tiered access to various classes of people, but having participated in those discussions, it does not seem such a system would allow for access to the data we need to investigate, correlate, and respond to abuse and cybercrime.

To help solve this problem, fellow handler Richard Porter and myself have created an Internet-Draft to put information formerly available in WHOIS into DNS TXT records so the information can be voluntarily made available by domain owners. This will allow for programmatic access that can be used in automation to make policy decisions quickly (for instance, should I accept email from this domain). The gist of the proposal is to use a _whois subdomain record and have a variety of TXT records for adminstrative, technical, network, and security/abuse contacts (name, phone number, email, address). As the system relies on self-disclosure, it bypasses some of the sticker issues with privacy laws.

Take a look and chime in on your thoughts in comments or on the DNSOP mailing list where this is being discussed.

--
John Bambenek
bambenek \at\ gmail /dot/ com
ThreatSTOP

0 comment(s)
ISC Stormcast For Tuesday, July 9th 2019 https://isc.sans.edu/podcastdetail.html?id=6568

Comments


Diary Archives