🗓️ 9 March 2023
⏱️ 6 minutes
0:00.0 | Hello and welcome to the Thursday, March 9th, 2020, |
0:04.5 | edition of the SANS Internet Storm Center's Stormcast. My name is Johannes Ullrich. |
0:10.6 | And today I'm recording from Jacksonville, Florida. |
0:14.2 | Quick diary today about an increase in exploitation against a relatively new Joomla vulnerability. |
0:21.3 | The vulnerability was patched on February 16th, I believe. |
0:26.0 | We have seen exploits pretty much ever since this started, |
0:30.8 | but very small numbers of them. |
0:33.7 | The exploit is actually very trivial. |
0:37.0 | It's just a public equals true parameter being added to the URL that will then later bypass authentication. |
0:45.6 | And the most commonly seen exploit of this vulnerability does go after the application's configuration, |
0:53.9 | which will then typically include things like, for example, database credentials and IP addresses. |
1:00.9 | This vulnerability, like I said, has been patched, but relatively recently, so certainly no surprise that we do see quite a bit of interest in it. |
1:08.1 | In the last couple days, there was one source IP in particular that has started scanning |
1:15.2 | this vulnerability very aggressively after seeing sort of a small increase, a couple days |
1:22.3 | after the vulnerability was released, but the last few days have been really big. |
1:28.8 | So I guess it's picking up more steam now. |
1:31.7 | You better have your Joomla servers patched. |
1:35.6 | Now we have an interesting vulnerability in Jenkins that may lead to remote code execution. |
1:43.0 | The vulnerability was found by Aqua Nautilus, |
1:47.0 | and Jenkins, if you're not familiar with it, |
1:49.8 | it's usually part of sort of a CI/CD pipeline. |
1:53.0 | It's an automation server that basically builds software products, |
... |
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.