A survey of giant squid science.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
A critical vulnerability was fixed this week in Jira Service Management Server, a popular IT services management platform for enterprises, that could allow attackers to impersonate users and gain access to access tokens. If the system is configured to allow public sign-up, external customers can be affected as well.
The bug was introduced in Jira Service Management Server and Data Center 5.3.0, so versions 5.3.0 to 5.3.1 and 5.4.0 to 5.5.0 are affected. Atlassian has released fixed versions of the software but has also provided a workaround that involves updating a single JAR file in impacted deployments. Atlassian Cloud instances are not vulnerable.
A vulnerability was found in fanzila WebFinance 0.5 and classified as critical. This issue affects some unknown processing of the file htdocs/admin/save_taxes.php. The manipulation of the argument id leads to sql injection. The name of the patch is 306f170ca2a8203ae3d8f51fb219ba9e05b945e1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-220055.
A vulnerability has been found in fanzila WebFinance 0.5 and classified as critical. This vulnerability affects unknown code of the file htdocs/admin/save_Contract_Signer_Role.php. The manipulation of the argument n/v leads to sql injection. The name of the patch is abad81af614a9ceef3f29ab22ca6bae517619e06. It is recommended to apply a patch to fix this issue. VDB-220054 is the identifier assigned to this vulnerability.
A Hacker’s Mind will be published on Tuesday.
I have done a written interview and a podcast interview about the book. It’s been chosen as a “February 2023 Must-Read Book” by the Next Big Idea Club. And an “Editor’s Pick”—whatever that means—on Amazon.
There have been three reviews so far. I am hoping for more. And maybe even a published excerpt or two.
Amazon and others will start shipping the book on Tuesday. If you ordered a signed copy from me, it is already in the mail.
If you can leave a review somewhere, I would appreciate it.
A vulnerability has been discovered in vBulletin which could allow for remote command execution. vBulletin is a tool used to manage and create online forums. Successful exploitation of this vulnerability could allow for remote command execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file.
An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation.
The new loaders also leverage obfuscated virtualization techniques to avoid detection
The Jira versions affected by the vulnerability are 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1 and 5.5.0