DHS Warns of Increasing Emotet Risk

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2019-3700
PUBLISHED: 2020-01-24

yast2-security didn’t use secure defaults to protect passwords. This became a problem on 2019-10-07 when configuration files that set secure settings were moved to a different location. As of the 20191022 snapshot the insecure default settings were used until yast2-security switched to stronger defa…

CVE-2019-3699
PUBLISHED: 2020-01-24

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE Factory privoxy version 3…

CVE-2019-3697
PUBLISHED: 2020-01-24

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions.

CVE-2019-3694
PUBLISHED: 2020-01-24

A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 a…

CVE-2019-3693
PUBLISHED: 2020-01-24

A symlink following vulnerability in the packaging of mailman in SUSE SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. Th…

Thanks to the Courtesy of :

https://www.darkreading.com/attacks-breaches/dhs-warns-of-increasing-emotet-risk/d/d-id/1336873?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Leave a Reply