Data: CASIE
Trigger word:
nstall
Negative Trigger
the
fix
for
a
recently
disclosed
denial-of-service
flaw
a
ffecting
Vulnerability-related.DiscoverVulnerability
a
number
of
its
security
appliances
.
The
flaw
,
t
racked as
Vulnerability-related.DiscoverVulnerability
CVE-2018-0296
,
was
detailed
in
an
advisory
on
June
6
and
a
ffects
Vulnerability-related.DiscoverVulnerability
Cisco
ASA
Software
and
Cisco
Firepower
Threat
Defense
(
FTD
)
Software
.
``
Cisco
strongly
recommends
that
customers
u
pgrade
Vulnerability-related.PatchVulnerability
to
a
fixed
software
release
to
r
emediate
Vulnerability-related.PatchVulnerability
this
issue
,
''
Omar
Santos
of
Cisco
's
Product
Security
Incident
Response
Team
w
arned
Vulnerability-related.DiscoverVulnerability
on
June
22
.
The
attacks
follow
the
publication
of
proof-of-concept
exploits
for
the
flaw
.
Santos
n
otes
Vulnerability-related.DiscoverVulnerability
that
a
unauthenticated
,
remote
attacker
could
cause
a
device
to
reload
unexpectedly
and
cause
a
denial-of-service
(
DoS
)
condition
.
Additionally
,
an
exploit
could
cause
a
DoS
or
unauthenticated
disclosure
of
information
.
However
,
Santos
said
:
``
Only
a
denial-of-service
condition
(
device
reload
)
has
been
observed
by
Cisco
.
''
Cisco
h
as also updated
Vulnerability-related.PatchVulnerability
the
advisory
for
CVE-2018-0296
with
details
about
the
attacks
.
The
researcher
who
f
ound
Vulnerability-related.DiscoverVulnerability
the
flaw
,
Michał
Bentkowski
from
Polish
security
firm
Securitum
,
gave
a
brief
description
of
the
root
cause
in
a
tweet
shortly
after
Cisco
d
isclosed
Vulnerability-related.DiscoverVulnerability
the
bug
.
Bentkowsky
r
eported
Vulnerability-related.DiscoverVulnerability
the
issue
to
Cisco
as
a
way
to
use
directory-traversal
techniques
to
disclose
information
to
an
unauthenticated
attacker
.
Cisco
labeled
its
primary
impact
as
a
DoS
condition
,
but
said
it
is
possible
that
on
certain
releases
of
ASA
a
device
reload
would
not
occur
,
yet
still
allow
an
attacker
to
use
directory-traversal
techniques
to
view
sensitive
system
information
.
Bleeping
Computer
i
dentified
Vulnerability-related.DiscoverVulnerability
two
proof-of-concept
exploits
for
CVE-2018-0296
on
GitHub
.
One
attempts
to
e
xtract
Attack.Databreach
user
names
from
Cisco
ASA
.
The
other
states
:
``
If
the
web
server
is
vulnerable
,
the
script
will
dump
in
a
text
file
both
the
content
of
the
current
directory
,
files
in
+CSCOE+
and
active
sessions
.
''
WordPress
5.0
users
are
being
urged
to
u
pdate
Vulnerability-related.PatchVulnerability
their
CMS
software
to
f
ix
Vulnerability-related.PatchVulnerability
a
number
of
serious
bugs
.
The
update
(
WordPress
5.0.1
)
a
ddresses
Vulnerability-related.PatchVulnerability
seven
flaws
and
w
as issued
Vulnerability-related.PatchVulnerability
Thursday
,
less
than
a
week
after
WordPress
5.0
w
as released.
Vulnerability-related.PatchVulnerability
The
most
serious
of
the
flaws
is
a
bug
that
allows
the
WordPress
“
user
activation
screen
”
to
be
indexed
by
Google
and
other
search
engines
,
leading
to
the
possible
public
exposure
of
WordPress
usernames
and
passwords
.
“
The
user
activation
screen
could
be
indexed
by
search
engines
in
some
uncommon
configurations
,
leading
to
exposure
of
email
addresses
,
and
in
some
rare
cases
,
default
generated
passwords
,
”
wrote
security
firm
Wordfence
in
a
blog
post
outlining
the
flaws
.
Wordfence
s
aid
Vulnerability-related.DiscoverVulnerability
all
WordPress
users
running
versions
of
the
4.x
branch
of
WordPress
core
a
re also impacted
Vulnerability-related.DiscoverVulnerability
by
similar
issues
.
It
urges
those
4.x
users
,
not
ready
to
update
to
the
5.0
branch
,
to
i
nstall
Vulnerability-related.PatchVulnerability
the
WordPress
4.9.9
security
update
(
also
r
eleased
Vulnerability-related.PatchVulnerability
this
week
)
,
which
a
ddresses
Vulnerability-related.PatchVulnerability
similar
bugs
.
Three
of
the
bugs
f
ixed
Vulnerability-related.PatchVulnerability
with
the
release
of
WordPress
5.0.1
are
cross-site
scripting
(
XSS
)
vulnerabilities
.
Two
of
the
XSS
bugs
could
allow
for
an
adversary
to
launch
a
privilege
escalation
attack
.
“
Contributors
could
edit
new
[
WordPress
web-based
]
comments
from
higher-privileged
users
,
potentially
leading
to
a
cross-site
scripting
vulnerability
,
”
Wordfence
wrote
.
“
This
is
another
vulnerability
that
requires
a
higher-level
user
role
,
making
the
likelihood
of
widespread
exploitation
quite
low
.
WordPress
a
ddressed
Vulnerability-related.PatchVulnerability
this
issue
by
removing
the
<
form
>
tag
from
their
HTML
whitelist.
”
WordPress
plugins
a
re potentially impacted
Vulnerability-related.DiscoverVulnerability
by
a
third
XSS
bug
that
opens
up
sites
to
attacks
launched
by
adversaries
who
send
specially
crafted
URLs
to
affected
sites
.
According
to
researchers
,
the
bug
d
oesn’t impact
Vulnerability-related.DiscoverVulnerability
WordPress
5.0
directly
,
rather
the
“
wpmu_admin_do_redirect
”
function
used
by
some
WordPress
plugins
.
“
Specially
crafted
URL
inputs
could
lead
to
a
cross-site
scripting
vulnerability
in
some
circumstances
,
”
they
said
.
A
PHP
(
Hypertext
Preprocessor
)
bug
w
as also identified
Vulnerability-related.DiscoverVulnerability
by
WordPress
.
This
bug
is
more
technical
in
nature
and
w
as found
Vulnerability-related.DiscoverVulnerability
by
Sam
Thomas
,
of
Secarma
Labs
,
who
p
ublicly disclosed
Vulnerability-related.DiscoverVulnerability
it
at
the
2018
Black
Hat
conference
.
“
This
vulnerability
allows
an
author
to
assign
an
arbitrary
file
path
to
an
attachment
.
The
file
path
supplied
by
the
author
uses
the
phar
:
//
stream
wrapper
on
a
previously
uploaded
attachment
which
leads
to
object
injection
utilizing
a
“
feature
”
of
the
PHAR
file
type
which
stores
serialized
objects
in
the
metadata
of
the
PHAR
file
,
”
wrote
Wordfence
.
WordPress
is
also
warning
users
of
a
unauthorized
file
deletion
bug
and
an
unauthorized
post
creation
bug
.