Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 2 Vote(s) - 4 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Cisco Inadvertently Leaked In-House Dirty COW Exploit Code In Its Software
#1
[Image: CiscoLogo-Case-Study-Icon_380x320.jpg]

   CISCO, a popular vendor for computer network equipment, had a good start to the week when they accidentally leaked a Dirty COW exploit code during several security advisories. CISCO confirmed this, stating that it was an internal "Quality Assurance" or QA failure that resulted in the release of the exploit code. 

 CISCO had this to say in their advisory: 


 “A failure in the final QA validation step of the automated software build system for the Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software inadvertently allowed a set of sample, dormant exploit code used internally by Cisco in validation scripts to be included in shipping software images. This includes an exploit for the Dirty CoW vulnerability (CVE-2016-5195).”


 They also stated the issue affected CISCO Expressway Series and CISCO TelePresence Video Communication Software, the versions in question are image versions X8.9 through X8.11.3. 

  The exploit itself, designated CVE-2016-5195, was a privilege escalation flaw mainly affecting Linux Kernel features, but then in 2017, it was discovered that it was affecting Androids as well. 


  With this said, CISCO did confirm that this does not pose any type of security threat. 



  That was the news folks, have a good week and stay safe out there.




  ----Mad-Architect(RS)
01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News ManageEngine Applications Manager Authenticated Remote Code Execution - CXSecurity.c News 0 91 09-06-2020, 01:51 PM
Last Post: News
Thumbs Up News Citrix Bugs Allow Unauthenticated Code Injection, Data Theft Mr.Kurd 1 325 07-15-2020, 12:28 AM
Last Post: EthelCrife
Exclamation News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely Mr.Kurd 0 375 06-12-2020, 08:24 AM
Last Post: Mr.Kurd
Question News Critical Remote Code Execution Bug in Linux Based OpenWrt OS Affects Millions of Netw Mr.Kurd 0 366 03-25-2020, 08:11 AM
Last Post: Mr.Kurd
Star News Trend Micro Patched Zero-Day Vulnerabilities Under Active Exploit Mr.Kurd 0 304 03-23-2020, 07:54 AM
Last Post: Mr.Kurd
Shocked News Unpatched Wormable Windows SMBv3 RCE Zero-day Flaw Leaked in Microsoft Security Updat Mr.Kurd 0 417 03-12-2020, 09:39 AM
Last Post: Mr.Kurd
Wink News Coronavirus – hackers exploit fear of infection to spread malware Mr.Kurd 0 464 02-03-2020, 05:30 PM
Last Post: Mr.Kurd
  News UK Based Business Worker's Data Found Leaked: Mad-Architect 0 405 01-15-2020, 03:18 PM
Last Post: Mad-Architect
Wink News Google Chrome on Hallowen night scares everyone with a 0-day exploit Mr.Kurd 0 390 11-02-2019, 10:35 AM
Last Post: Mr.Kurd
  News German Authorities Raid And Shutdown Illegal Server House: Mad-Architect 0 501 09-29-2019, 01:28 PM
Last Post: Mad-Architect



Users browsing this thread: 1 Guest(s)