FortiWeb 5.6.0 introduced a feature called "Signed Security Mode", which, when enabled, would prevent an attacker from tampering with "regular" cookies set by the web-sites protected by FortiWeb; in effect, access to the protected web-site can be blocked when cookie tampering is detected (depending on the "Action" selected by the FortiWeb admin).This protection can however be made inoperant if the attacker removes FortiWeb's own session cookie. The protected web-sites then become accessible, even with altered cookies.

The FortiOS web proxy disclaimer page is potentially vulnerable to an XSS attack, via maliciously crafted "Host" headers in user HTTP requests. The latter is possible if an attacker is in a Man-in-the-middle position (i.e. able to modify the HTTP requests of the potential victim before they reach the web proxy), or poisons a web cache used by the potential victim.In the latter attack scenario, the tainted disclaimer web page being cached, the XSS attack can be considered as persistent.

Intel recently released a security update (Intel-SA-00086), regarding Intel ME 11.x, SPS 4.0, and TXE 3.0 intel products.The following Firmware are impacted:Intel Management Engine (ME) Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20Intel Server Platform Services (SPS) Firmware version 4.0Intel Trusted Execution Engine (TXE) version 3.0And the following Intel products are affected:6th, 7th & 8th Generation Intel Core Processor FamilyIntel Xeon Processor E3-1200 v5 & v6 Product FamilyIntel Xeon Processor Scalable FamilyIntel Xeon Processor W FamilyIntel Atom C3000 Processor FamilyApollo Lake Intel Atom Processor E3900 seriesApollo Lake Intel PentiumCeleron N and J series ProcessorsAn attacker could gain unauthorized access to the platform, the Intel ME feature, and 3rd party secrets protected by the Intel Management Engine (ME), the Intel Server Platform Service (SPS), or the Intel Trusted Execution Engine (TXE).This includes scenarios where a successful attacker could Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity. Concrete impact may be "load and execute arbitrary code outside the visibility of the user and operating system", or "system crash or system instability".The assigned CVEs are:CVEs:Intel Manageability Engine Firmware 11.0.x.x/11.5.x.x/11.6.x.x/11.7.x.x/11.10.x.x/11.20.x.xCVE-2017-5705CVE-2017-5708CVE-2017-5711CVE-2017-5712Intel Manageability Engine Firmware 8.x/9.x/10.xCVE-2017-5711CVE-2017-5712Server Platform Service 4.0.x.xCVE-2017-5706CVE-2017-5709IntelTrusted Execution Engine 3.0.x.xCVE-2017-5707CVE-2017-5710

A new type of side channel attacks impact most processors including Intel, AMD and ARM. The attack allows malicious userspace processes to read kernel memory, thus potentially causing kernel sensitive information to leak. These vulnerabilities are referred to as Meltdown and Spectre.Spectre attack:CVE-2017-5753CVE-2017-5715Meltdown attack:CVE-2017-5754

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption is possible without knowledge of the server's private key.

Zum Seitenanfang