Mirai Source Code Analysis Report
As shown in Figure 1, there are two folders. The loader folder, as its name implies, is a loader that creates servers and monitors the status of connections.
ISC BIND 9 Denial-of-Service Technical Analysis and Solution
Internet Systems Consortium (ISC) officially released a security advisory to announce a vulnerability (CVE-2016-2776) and its fixing. The vulnerability exists in buffer.c. When constructing a response packet for a specially crafted query request, BIND will encounter an assertion failure, causing the program to crash and therefore a denial of service.
绿盟科技2016网络视频监控系统安全报告
近期国外多起DDoS攻击事件 涉及国内视频监控系统生成厂商 ,这些事件让 Mirai物联网恶意软件浮出水面 。同时,欧洲委员会正在规划新的物联网法规, 国际云安全联盟CSA发布物联网安全指南 。一时间物联网安全已经不再是理论,而是需要切实解决的问题。为此,绿盟科技旗下三个部门联合发布2016网络视频监控系统安全报告。
MySQL Remote Code Execution/Privilege Escalation Vulnerability Technical Analysis and Solution
On September 12, 2016, legalhackers.com released a security advisory concerning a 0-day vulnerability that is assigned CVE-2016-6662. This vulnerability allows attackers to remotely inject malicious settings into a MySQL configuration file (my.cnf), leading to critical consequences. It affects MySQL servers in default configuration in all version branches (5.7, 5.6, and 5.5), including the latest versions. MySQL clones like MariaDB and PerconaDB are also affected.
OpenSSL Patches Introducing New Vulnerabilities Technical Analysis and Solution
On September 22, 2016, OpenSSL released an update advisory for three branch products to fix multiple vulnerabilities. The versions after update are 1.1.0a, 1.0.2i, and 1.0.1u. However, the security update introduced new vulnerabilities: 1.1.0a introduced CVE-2016-6309, and 1.0.2i introduced CVE-2016-7052.
OpenSSL补丁引入新漏洞技术分析与防护方案
近日,OpenSSL官方发布了版本更新,修复了多个OpenSSL漏洞,这次更新所修复的漏洞中,有两个危害等级较高的为CVE-2016-6304和CVE-2016-6305。目前绿盟已发布相关检测和防护方案。
OpenSSL多个漏洞技术分析与防护方案
2016年9月22日,OpenSSL官方发布了版本更新,修复了多个漏洞,这次更新所修复的漏洞中,有两个危害等级较高的为CVE-2016-6304和CVE-2016-6305。绿盟科技对此漏洞进行了技术分析并提出了防护方案。
PHP Local Heap Overflow Vulnerability Technical Analysis and Protection Solution
On April 24, 2016, Fernando from the NULL-LIFE team submits the local heap overflow vulnerability in bcmath.c to the PHP website. For details, visit the following link.
MySQL漏洞技术分析与防护方案
2016年9月12日,legalhackers.com网站发布了编号为CVE-2016-6662的0day漏洞公告。该漏洞可以允许攻击者远程向MySQL配置文件(my.cnf)注入恶意的环境配置,从而导致严重后果。该漏洞将影响以默认方式进行配置的所有版本的MySQL服务器,涵盖5.7、5.6和5.5,包括最新版本。此外,包括MariaDB和PerconaDB在内的MySQL分支也在影响范围内。
PHP本地堆溢出漏洞技术分析与防护方案
绿盟科技安全团队发现www.securityfocus.com 网站对PHP“bcmath.c”多个本地堆溢出漏洞做了更新,其中涉及到的CVE编号分别为:CVE-2016-4537和CVE-2016-4538。
Operation Ghoul Attacks Technical Analysis and Solution
On June 8 and June 27, 2016, Kaspersky Lab discovered a new wave of targeted attacks in multiple regions around the world. The attacker sent spear phishing emails to entice victims to execute malware in these emails for the purpose of obtaining key business data from the target network.