Over the past few weeks, five different vulnerabilities affecting Zimbra Collaboration Suite have come to our attention, one of which is unpatched, and four of which are being actively and widely exploited in the wild by well-organized threat actors. These vulnerabilities can be used for remote code execution. We urge organizations who use Zimbra to patch to the latest version on an urgent basis, and to upgrade to future versions as quickly as possible once they are released.

One of them, CVE-2022-30333, is a path traversal vulnerability in unRAR, Rarlab's command-line utility for extracting RAR archives, and it affects Zimbra mail servers. It allows an attacker to write a file anywhere on the target file system as the user that executes unrar.

Separately, if you use Yahoo's Zimbra client to check your e-mail, you might want to think about changing your password: a flaw in the program exposes your private information in plain text. According to an article on CNet, Canadian hacker Holden Karau discovered the flaw in Zimbra while participating in the Yahoo University Hack Day, a programme aimed at encouraging developers and hackers to play with Yahoo APIs and invent new applications. Unfortunately, Yahoo got rather more than it bargained for from Karau. In a post on his blog, Holden explains that the IMAP e-mail servers that Yahoo uses for its Yahoo Zimbra Desktop client don't support the Secure Sockets Layer encryption protocol, which means "the password was being transmitted in plain text."
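What Karau found (an IMAP server with no TLS, so the password crosses the network in the clear) is easy to check for yourself. The following is an added example, not code from the article, from Yahoo or from Zimbra: it connects on the cleartext IMAP port and inspects the CAPABILITY list the server offers before any TLS negotiation, which is exactly the state a network eavesdropper sees. The function names and the two constructed capability lists are this example's own; the `timeout` keyword of `imaplib.IMAP4` needs Python 3.9 or newer.

```python
"""Does this IMAP server let a client send its password in the clear?

Added example, not code from the article, Yahoo or Zimbra.
"""
import imaplib
import sys
from dataclasses import dataclass

# SASL mechanisms that carry the password itself (merely base64-encoded).
_PLAINTEXT_MECHS = ("PLAIN", "LOGIN")


@dataclass(frozen=True)
class PlaintextRisk:
    starttls: bool         # STARTTLS advertised (RFC 2595)
    login_disabled: bool   # LOGINDISABLED advertised: LOGIN refused before TLS
    plain_mechs: tuple     # plaintext SASL mechanisms offered before TLS

    @property
    def password_in_clear(self) -> bool:
        # Before TLS the server still accepts LOGIN, or offers a SASL
        # mechanism that ships the password as-is: an eavesdropper wins.
        return (not self.login_disabled) or bool(self.plain_mechs)

    def summary(self) -> str:
        if not self.starttls:
            return "no STARTTLS: every login on this port is plaintext"
        if self.password_in_clear:
            return "STARTTLS offered but not enforced: a client that skips it leaks the password"
        return "plaintext authentication refused before TLS"


def assess_capabilities(caps) -> PlaintextRisk:
    """Evaluate a pre-TLS CAPABILITY list as imaplib exposes it: a sequence
    of upper-case tokens such as ('IMAP4REV1', 'STARTTLS', 'AUTH=PLAIN')."""
    tokens = {c.upper() for c in caps}
    return PlaintextRisk(
        starttls="STARTTLS" in tokens,
        login_disabled="LOGINDISABLED" in tokens,
        plain_mechs=tuple(m for m in _PLAINTEXT_MECHS if f"AUTH={m}" in tokens),
    )


def probe_server(host: str, port: int = 143, timeout: float = 5.0) -> PlaintextRisk:
    """Connect on the cleartext port and judge what is offered before any
    TLS negotiation, which is what a network eavesdropper observes.
    The timeout keyword requires Python 3.9+."""
    conn = imaplib.IMAP4(host, port, timeout=timeout)
    try:
        # imaplib parses the greeting/CAPABILITY response into upper-case tokens.
        return assess_capabilities(conn.capabilities)
    finally:
        try:
            conn.logout()
        except (imaplib.IMAP4.error, OSError):
            pass


# Constructed capability lists (not captured from any real server).
NO_TLS_SERVER = ("IMAP4REV1", "IDLE", "AUTH=PLAIN")
HARDENED_SERVER = ("IMAP4REV1", "STARTTLS", "LOGINDISABLED", "AUTH=CRAM-MD5")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(probe_server(sys.argv[1]).summary())
    else:
        for caps in (NO_TLS_SERVER, HARDENED_SERVER):
            print(caps, "->", assess_capabilities(caps).summary())
```

Run it with a hostname to probe a real server, or with no arguments to see the verdict on the two constructed lists. Note that "STARTTLS offered" is not enough on its own: unless the server also advertises LOGINDISABLED (and withholds AUTH=PLAIN) before TLS, a client that skips or is tricked out of STARTTLS still sends the password in the clear.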
While the flaw requires a fairly unlikely attack (at some point between you and the server, an attacker would have to 'sniff' the traffic to capture the password), it is by no means impossible to exploit. For users on an open wireless network it is even more of an issue: every frame is visible to every station in range, making it trivial to eavesdrop on a session and pick up the password.

Karau admits that the Hack Day wasn't the best place to bring the issue up, but claims that, despite (unsurprisingly) not placing in the competition, he has no regrets: "In retrospect it probably wasn't the best forum to bring up the security defects, but it was the most convenient."

A spokesperson for Yahoo claims that the "problem has already been addressed in code, and fix is in the next release," although offers no explanation for how e-mail software in this day and age could be set to plain-text authentication.

Any Zimbra users out there panicking about who's reading their e-mails, or don't you care who has access to your spam? Share your thoughts over in the forums.

Hello everyone, I have been the victim of an attack on my server. My server does not publish port 7071; the attack seems to originate from the same server. I changed the password, but there are continuous attempts to log in.
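The unRAR bug CVE-2022-30333 mentioned at the top of this page belongs to a well-known class: an extractor takes a file name (or a symlink) straight out of an untrusted archive and ends up writing outside the directory the user chose, as the user running the tool. The page does not describe the exact mechanism, so the example below covers the general class rather than the specific flaw. It is an added example, not code from Rarlab, from Zimbra or from the unRAR fix: it shows the two checks an extractor needs, a lexical check for `..` (including backslash-separated names) and a post-symlink check that re-resolves every entry against links earlier entries may already have planted. The entries are constructed in-memory tuples, no RAR parsing is involved, and the names `safe_destination`, `extract`, `is_traversal` and `demo` are this example's own.

```python
"""Keep archive entries inside the extraction root, even via symlinks.

Added example, not code from Rarlab, Zimbra or the unRAR fix. Entries are
constructed (name, kind, payload) tuples; no RAR parsing is involved.
"""
import os
import tempfile


class TraversalError(Exception):
    """Raised when an entry would be written outside the extraction root."""


def safe_destination(root: str, entry_name: str) -> str:
    """Return the absolute path an entry may be written to, or raise.

    1. the name must be relative (no leading '/' and no 'C:' drive prefix);
    2. backslashes count as separators, since an extractor that normalises
       them on Unix turns 'a\\..\\b' into a traversal;
    3. after lexical normalisation the path must stay under root;
    4. after resolving symlinks that already exist on disk it must still be
       under root, because an earlier entry may have planted a link out.
    """
    if os.path.isabs(entry_name) or entry_name[1:2] == ":":
        raise TraversalError(f"absolute entry name: {entry_name!r}")
    real_root = os.path.realpath(root)
    candidate = os.path.normpath(os.path.join(real_root, entry_name.replace("\\", "/")))
    if os.path.commonpath([real_root, candidate]) != real_root:
        raise TraversalError(f"lexical escape: {entry_name!r}")
    resolved = os.path.realpath(candidate)  # follows links in the existing prefix
    if os.path.commonpath([real_root, resolved]) != real_root:
        raise TraversalError(f"symlink escape: {entry_name!r} -> {resolved}")
    return resolved


def extract(entries, root):
    """Write constructed entries under root; returns the names written.
    Each entry is (name, kind, payload): kind 'file' with bytes, or
    kind 'symlink' with the link target string."""
    written = []
    for name, kind, payload in entries:
        dest = safe_destination(root, name)
        os.makedirs(os.path.dirname(dest), exist_ok=True)
        if kind == "symlink":
            # The link is created inside root; its *target* is not vetted,
            # which is exactly why step 4 re-resolves every later entry.
            os.symlink(payload, dest)
        else:
            with open(dest, "wb") as fh:
                fh.write(payload)
        written.append(name)
    return written


def is_traversal(entry_name: str) -> bool:
    """True if safe_destination rejects the name against a fresh, empty root."""
    try:
        safe_destination(tempfile.mkdtemp(prefix="root-"), entry_name)
    except TraversalError:
        return True
    return False


def demo():
    """Constructed archive: a benign file, a symlink pointing out of the
    tree, then a file routed through that link. Returns the error text and
    the contents of the directory the attacker aimed at (should stay empty)."""
    root = tempfile.mkdtemp(prefix="unpack-")
    target = tempfile.mkdtemp(prefix="victim-home-")
    entries = [
        ("docs/readme.txt", "file", b"hello\n"),
        ("docs/home", "symlink", target),               # escapes the root
        ("docs/home/.bashrc", "file", b"malicious\n"),  # would land in target
    ]
    try:
        extract(entries, root)
        message = "no traversal detected"
    except TraversalError as exc:
        message = str(exc)
    return message, sorted(os.listdir(target))


if __name__ == "__main__":
    msg, leaked = demo()
    print(msg)
    print("files written outside the root:", leaked)
```

The lexical check alone would have accepted the third entry in `demo()`, since `docs/home/.bashrc` contains no `..`; only re-resolving the path after the symlink from entry two exists catches the write into the victim directory. An extractor that performs the check once, up front, against the archive's listing rather than against the tree as it is actually being built gets this wrong.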