Hello, welcome to the Monday, May 13th, 2019 edition of the San Santernat Storm Center's Stormcast.

My name is Johannes Ulrich and I'm recording from San Diego, California.

If you are reading our Sansanet Storm Center diaries, you probably have noticed that DDA is really well known for creating

a ton of useful little tools, typically in Python.

If you want a collection of all of DDA's tools, nothing easier than that.

With the S-S suite, that's a Docker container that contains all of the DA's latest tools

pre-installed.

So great if you have to analyze documents and the like, that's what usually his tools are

really great at.

And the Cisco Talas research team has released details about a new vulnerability in the

SQLite 3 database.

This vulnerability does allow remote code execution.

It is a use after free vulnerability and certainly exploitable.

However, before you go out and panic and try to rush

out and update, consider that an attacker would have to actually send a custom, carefully crafted,

SQL command to the database. If you do allow users to execute arbitrary commands against the database,

well, that's usually already a user in a more trusted position. So being able to execute

code on the SQLite server may not really give them that much more access. So this is nothing that could easily be

exploited, for example, for a web application or something like that, unless you do allow for

SQL injection. A patch is available and you should certainly apply it, but no need to rush it.

So if you don't see an updated package for your particular

operating system, you can certainly wait a couple days. And talking about patches, NVIDIA

...