::
About Us
::
Services
::
Links
::
 
 
2017 中文版 | 2017 English              2009 中文版 | 2009 English
Students | Staff   VPN
IP/Network Query . . .   
 
     
 

Date:2020/12/11

【Security Information】Internet security vendor FireEye red team security testing tool has been leaked. It is recommended to fix the CVE security vulnerabilities used by the tool as soon as possible!

Subject:【Security Information】Internet security vendor FireEye red team security testing tool has been leaked. It is recommended to fix the CVE security vulnerabilities used by the tool as soon as possible!

  • Description:
    For details, please refer to the following links.
  • Impacted platform:
    1. CVE-2014-1812 – Windows Local Privilege Escalation
    2. CVE-2016-0167 – local privilege escalation on older versions of Microsoft Windows
    3. CVE-2017-11774 – RCE in Microsoft Outlook via crafted document execution (phishing)
    4. CVE-2018-8581 - Microsoft Exchange Server escalation of privileges
    5. CVE-2019-0604 – RCE for Microsoft Sharepoint
    6. CVE-2019-0708 – RCE of Windows Remote Desktop Services (RDS)
    7. CVE-2020-0688 – Remote Command Execution in Microsoft Exchange
    8. CVE-2020-1472 – Microsoft Active Directory escalation of privileges
    9. CVE-2019-8394 – arbitrary pre-auth file upload to ZoHo ManageEngine ServiceDesk Plus
    10. CVE-2020-10189 – RCE for ZoHo ManageEngine Desktop Central
    11. CVE-2018-13379 – pre-auth arbitrary file reading from Fortinet Fortigate SSL VPN
    12. CVE-2018-15961 – RCE via Adobe ColdFusion (arbitrary file upload that can be used to upload a JSP web shell)
    13. CVE-2019-3398 – Confluence Authenticated Remote Code Execution
    14. CVE-2019-11510 – pre-auth arbitrary file reading from Pulse Secure SSL VPNs
    15. CVE-2019-11580 - Atlassian Crowd Remote Code Execution
    16. CVE-2019-19781 – RCE of Citrix Application Delivery Controller and Citrix Gateway

Network System Division
Computer and Communication Center

 
Last modified:: 2020/12/11 15:44
 
     
   
FAIL: (the browser should render some flash content, not this).
FAIL: (the browser should render some flash content, not this).
::Previous | Next | Refresh | Print  | Back Home | NTHU | Computer and Communication Center
Copyright (c) 2008-2010 National Tsing Hua University ALL RIGHTS RESERVED
View count: 535
 
 
Close