The Indian Computer Emergency Response Team (CERT-In) has released a series of high severity cybersecurity alerts. The alerts are about multiple vulnerabilities in Java SE and the Solaris operating system. There is also an alert on a security bypass vulnerability in the Heimdal Kerberos authentication protocol, which is a part of Samba, software commonly included in many open source operating systems including Unix, Linux, BSD, Solaris and their variants.
The Java SE vulnerabilities could be abused by an attacker by convincing a target to run malicious Java content through a web browser that supports Java. Then the attacker can remotely run trusted code on the system, which can be exploited in many ways.
The same patch also contains fixes for critical vulnerabilities in Solaris. The vulnerabilities can be exploited by a malicious attacker to gain elevated privileges on a system, execute denial of service attacks, and gain access to information. Another vulnerability allows a local attacker to partially access data, partially modify the data, and partially execute a denial of service attack. The relevant fixes for both the JAVA SE and Solaris vulnerabilities are available in the July 2017 critical patch update by Oracle, which fixes a number of security vulnerabilities at once.
The Samba vulnerability affects version 4.0 and higher. Exploitation of the vulnerability depends on a man in the middle attack, where traffic between a client and a server is intercepted by a third party. The vulnerability allows an attacker to gain privileged access to a system, after which further attacks can be initiated. The patches relating to the vulnerability are available on the security page for Samba.
Published Date: Jul 25, 2017 12:06 pm | Updated Date: Jul 25, 2017 12:06 pm