SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Friday, November 9th 2018

SANS ISC Handlers

Tech News, News, Technology

🗓️ 9 November 2018

⏱️ 17 minutes

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Cisco Updates; Ruby Deserialization; Ouch Newsletter; Blockchain Botnets @sans_edu

Transcript

0:00.0

Hello, welcome to the Friday, November 9th, 2018 edition of the SANS Internet Storm Center's Stormcast.

0:08.0

My name is Johannes Ullrich, and I'm recording from Jacksonville, Florida.

0:14.4

Cisco released a number of security bulletins these last two days, and among all the bulletins released there are sort of

0:21.6

five that stick out, four of which are rated critical and one informational. Well, let's start

0:29.2

with the informational one. The informational one is insofar interesting in that it's pretty

0:35.1

embarrassing but not really all that severe. It affects the Cisco

0:40.2

TelePresence Video Communication Server, and apparently what happened here is that some test scripts

0:46.4

from testing debugging the software were left behind on the shipped version of the product.

0:53.5

Now this wouldn't be quite as bad, but part of

0:58.1

these test scripts are actually exploits. For example, a Cisco internally developed exploit

1:03.8

for the Dirty Cow vulnerability. Dirty Cow was a privilege escalation vulnerability affecting Linux.

1:12.6

Now Cisco essentially states that that makes actually some sense that they're using these exploits to make sure that released software and hardware isn't vulnerable to any of these exploits.

1:23.6

But then again, not removing these test scripts does show some lack of control in actually

1:30.4

releasing the software.

1:32.9

Now, by just sitting there on the system, these exploits don't really do much damage.

1:38.3

An attacker would still have to gain access to the system to take advantage of these

1:42.1

exploits.

1:42.7

And at that point, they may be able to

1:44.5

just upload the exploits to the system. Now among the critical bulletins we have one that covers

1:52.6

a number of different Cisco products that all use Struts 2.5. Remember, we just had this file

2:00.3

upload vulnerability in Struts 2.5. And of course, any product

2:04.6

using Struts 2.5 is affected here. And you'll probably see similar announcements from other

...
