Vulnerabilities

6K

Solutions

8K

Contributors

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Share tech news, updates, or what's on your mind.

Sign up to Post

We would like to do virtual patching for various CVEs that
were published early ie we can't wait for 1-3 months to
patch : ideally it's auto-deployed from the principal to
the device via Internet.

Is NIDS, HIPS (eg: Trendmicro's Deep Security) or WAF or
which product is most suited for virtual patching in terms of

a) lead time the vendor releases the signature/rules (the
    earlier the vendor releases it, the earlier we can deploy
    the mitigation)

b) the thoroughness the vendor/developer/principal tests
     the rules/signatures so as to minimize service disruption:
     had seen cases where the rules/signatures cause
     disruptions (eg: 'Repeated IIS Parameter'   and
     'Clickjacking' vulnerabilities)

c) we may not plan to do layered security ie not multiple
    devices of NIDS, HIPS plus WAF, but just  select one.
    So ideally the selected device could also do
    "Brute Force" (say 10 login attempts within 10 secs
     from same IP) & "Bad public source IP" blocking
0
Do You Have a Trusted Wireless Environment?
Do You Have a Trusted Wireless Environment?

A Trusted Wireless Environment is a framework for building a complete Wi-Fi network that is fast, easy to manage, and secure.

We've just installed a new next-gen firewall and I need some assistance getting some communication between two of the interfaces.
It's a Watchguard T35 and we have our WAN on Eth0, LAN1 on Eth1, and LAN2 on Eth2.
Our WAN has a static IP, but we have /27 block of public IP's routed (at the ISP level) to our WAN for use by public facing servers.

I have that part of it working OK.  Servers connected to the LAN2 all have their static IP assignment and IP checks on the internet show the correct IPs.  This interface in the Watchguard is set as "Optional".

LAN1, is our private LAN and is set as "Trust".  Internet traffic and NAT/port forwarding is all working OK, but I cannot seem to get access to LAN2 from LAN1 devices.

I've created a firewall policy with "ANY" for the packet filtering and have set both 192.168.1.0/24 and 203.xx.xx.0/27 in both the To and From boxes.  The rule is set to allow and enabled.
But I cannot browse (using the IP or UNC name) or access any of the LAN2 resources from LAN1.  Nor can LAN2 access any of the LAN1 resources.

I'm new to Watchguard and thought I might ask here for any things I may have overlooked before lodging a support ticket with Watchguard support.
1
I am installing WatchGuard SSL Vpn software which is using Open VPN software and it has TAP network driver but I can't install it unattended. Does anybody know how to install OpenVPN un-attended including TAP-Windows adapter?
0
I have a watchguard M270, the customer has a hosted server they connect to via ipsec. What policy could I enable to allow the ipsec vpn outbound.
0
I need to use Nexpose for scanning and we have a base license.  I sent a couple of emails to the company for assistance, but no response since last week.  Anyone familiar with this product that can assist?  I'm trying to scan our DMZ network for potential issues.

This will be an internal scan of the DMZ.
0
I have a user who is using the Watchguard VPN client software. They have been using it on Windows 10 Pro (v 1709) for 6 months without issue. The UAC prompt suddenly started appearing this morning when they try to run the software. No updates for Windows or the software have been installed. I have 60 other users that are using it without this problem also. I am at a loss as to why this would suddenly start needing elevated privileges to run. Does anyone know why this would happen or how to fix it? I am not going to disable user account control or give them admin rights.
0
Laptop was stolen from Starbucks.  Is there a way to track the whereabouts of the laptop?  It's not an apple machine.
0
I had this question after viewing Watchguard Firewall xFlow Configuration.
0
Microsoft Exchange 2016 Vulnerabilities:

We have vulnerabilities for below two points on Exchange 2016.
If we take action and make any changes, does it negative impact on our Exchange servers?
We have total 12 Mailbox Server, 1-WITNESS Server, 1-DAG CLUSTER. Please suggest  on below vulnerabilities.
Need your valuable inputs.

Vulnerabilities:
1) 3DES configuration in registry, & 
2) Disabling “SendExtraRecord” parameters in registry.

SSL Medium Strength Cipher Suites Supported      The remote host supports the use of SSL ciphers that offer medium
strength encryption. Nessus regards medium strength as any encryption
that uses key lengths at least 64 bits and less than 112 bits, or else
that uses the 3DES encryption suite.

Note that it is considerably easier to circumvent medium strength
encryption if the attacker is on the same physical network.

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)      A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow
information disclosure if an attacker intercepts encrypted traffic
served from an affected system.

TLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are
not affected.

This plugin tries to establish an SSL/TLS remote connection using an
affected SSL version and cipher suite and then solicits return data.
If returned application data is not fragmented with an empty or
one-byte record, it is likely vulnerable.

OpenSSL uses…
0
I have tried several things to disable TLS 1.0 on a Windows 7 system.  All the documentation states to add registry keys and reboot.  No matter what  try TLS 1.0 is still reported to be enabled on both the client and the server side of the system.  Here are the registry keys:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Server]
"Enabled"=dword:00000000
"DisabledByDefault"=dword:00000001

Open in new window

Testing with nmap and openssl both show that TLS 1.0 is still enabled for 3389 (server).  
openssl s_client -connect 192.168.1.1:3389  -tls1
....
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ECDHE-RSA-AES256-SHA

Open in new window

nmap --script ssl-enum-ciphers -p 3389 192.168.1.1
PORT     STATE SERVICE
3389/tcp open  ms-wbt-server
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
.....

Open in new window

Going to https://www.ssllabs.com/ssltest/viewMyClient.html shows TLS 1.0 is still enabled on the client side:
 
Protocols
TLS 1.3	Yes
TLS 1.2	Yes
TLS 1.1	Yes
TLS 1.0	Yes
SSL 3	No
SSL 2	No

Open in new window

0
CompTIA Cloud+
LVL 12
CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

NESSUS vulnerability Scanner runs every often on my network. I see that All my Windows server 2008 R2, 2012 R2, Windows 8.1. shows the following two vulnerabilities below on the report as HIGH. We do have PCI regulation, we do not manage credit card services by the way.
1) TLS version 1.0 Protocol Detection
2) SSL Version 2 and 3 Protocol Dectection.
All my servers and Computers are patch monthly, so i do not think i am missing any patch. is there a way to fix this? I have a wildcar certificate from godaddy that i can use, so all my computers can talk using that? is this a good option?
Please advise.
Thanks,
0
have a client workstation that suddenly givea a '7-zip access denied' error on any executable but 7-zip is not installed(that i can find)  Malwarebytes scans clean and Vipre Internet Security scans clean.  Administrator/user permissions make no difference.
0
Good Afternoon,

We had a security audit of our entire network and were provided with a report of all potential vulnerabilities.
Working through these, we came across a list of users with the "allowed to be delegated to a service" vulnerability.

I've had a good search on google and ran the below powershell commands but I cannot seem to find anything regarding "These administrative accounts are allowed to be delegated to a service" on the users accounts and nothing is being returned from the powershell commands.

Get-ADUser -LdapFilter "(userAccountControl:1.2.840.113556.1.4.803:=524288)" | %{$_.DistinguishedName}

Open in new window

Get-aduser -ldapfilter "(&(userAccountControl:1.2.840.113556.1.4.803:=16777216)(msDS-AllowedToDelegateTo=*))" | %{$_.DistinguishedName}

Open in new window

Get-aduser -LdapFilter "(&(!(|(userAccountControl:1.2.840.113556.1.4.803:=524288)(userAccountControl:1.2.840.113556.1.4.803:=16777216)))(msDS-AllowedToDelegateTo=*))" | %{$_.DistinguishedName}

Open in new window

Get-aduser -LdapFilter "(&(userAccountControl:1.2.840.113556.1.4.803:=16777216)(!(msDS-AllowedToDelegateTo=*)))" | %{$_.DistinguishedName}

Open in new window


Does anyone know what "These administrative accounts are allowed to be delegated to a service" is?
Any why this is set when the accounts aren't even administrators?

Many thanks!
0
Customer has a watchguard T10 firebox firewall for a pos system.  The POS server connects directly to the trusted network port. no other computers connect to that network.  

Customer wants to setup an access point for wifi.  The watchguard has a 3rd port.  I want to activate it as a second network and allow wireless devices to access the internet.  

The watchguard firewall does not have built in wifi.  We purchased an access point that we plan to connect to the 3rd port.

This is a restaurant, there are no office pc's or network printers.

Need suggestions on policy's, the device has contenfilter subscriptions.  I want to enforce them on the 3rd port too if possible.
0
I installed AIX 7.1 there is no application installed ,i upgraded java 5 to 7 .
When i run Nessus scan i am getting sslv2 and sslv3 detection vulnerability .
0
I installed AIX 7.1 there is no application installed ,i upgraded java 5 to 7 .
When i run Nessus scan i am getting sslv2 and sslv3 detection vulnerability .
0
How to block RFC 1918 and create object-groups and use that object-groups to block any udp traffic inbound to the external interface on a WatchGuard Firebox (M200)?
0
Hi, i am having an issue with IIS 10 and my PCI DSS Scanning.

I keep getting the below feedback. However in the release notes for IIS 10 it said you can block this information by going in to the configuration editor > system.webserver > Security > request filtering and changing "RemoveServerHeader" to True.  I have done this for the default web site and Exchange Back end.

However the results still come back the same, i know i can use URLrewrite or some other method, however if its now built in to IIS 10 i would like to try and figure out why it wont work.

Thanks in advance for any help.

"Web Server HTTP Header Information Disclosure"
"Server type : Microsoft IIS"
"Server version : 10.0"
"Source : Microsoft-IIS/10.0"
0
We have a Linux server and after it was scanned for any security vulnerabilities, we got one about "SSH Weak Algorithms Supported".  I tried to make a change to the ssh_config file under /etc/ssh/ to remove the support for any "arcfour" algorithm, but after another scan, it is still showing that this vulnerability exists.  Can anyone tell me exactly what I need to change?  This is my line in the ssh_config file:

 Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc

Thanks in advance!
- Christian
0
Fundamentals of JavaScript
LVL 12
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

We have a Watchguard M200 firewall that we would like to limit inbound/outbound bandwidth to 20Mbps on our External (WAN) interface. Our ISP allows for 40Mbps total bandwidth. I've gone into Traffic Management and changed the interface to limit bandwidth to 20Mbps but this only seems to apply to upstream outbound traffic. Inbound traffic is still coming in at the fulll 40Mbps. Is it possible to also limit inbound traffic to 20Mbps?

Thank you
0
Hi, when i was trying to create  a new user account in bugzillla (from GUI) it says "A confirmation email has been sent containing a link to continue creating an account. The link will expire if an account is not created within 3 days". But i have not received any confirmation email. facing this issue from several days. i am able to receive mails earlier but encountering issue now. we are using smtp port 465.
0
I am having an issue accessing a secure ftp web site from a network.  The network uses a watchguard xtm 25 appliance and then runs Server 2008 R2 as the network server.  The workstations are all Windows 7 Pro.

The URL is https://oebsftp.ontarioenergyboard.ca.  This should bring me to a log in page, but instead the following message

The message from IE 11 is as follows:

This page can’t be displayed


Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://oebsftp.ontarioenergyboard.ca  again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

Fire fox give the following:
Secure Connection Failed

The connection to oebsftp.ontarioenergyboard.ca was interrupted while the page was loading.

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.
Often the Ontario energy board upload sites are designed for IE only.

I do not see anything in the Watchguard appliance but may be overlooking something.

The server uses SEP 14.0 for both anti-virus and Firewall

As a separate issue, email using Outlook 2013 cannot use ssl either
0
Regarding CVE-2018-0151 and apologies if this seems like a newb question but....

Is it still advisable to disable UDP port 18999 if your not using the the Adaptive QoS for Dynamic Multipoint VPN (DMVPN) feature?  Or should we only be concerned with this if the feature set is enabled and in use?  Our network engineers are clamoring over the fact that they would have to disable the port on over 600 devices in order to address this given we're not utilizing the feature.

Thanks in advance
0
We have a WatchGuard M300. We currently have an internet connection that is too small for our needs. Our issue is the upload speed is capped at 20Mbps. With the M300 can we add a second internet connection and have our internet traffic divided evenly between these two connections?
0
Hi All

This is not a question as such im looking for information ideas on how i can pass VLAN's across a ipsec VPN tunnel

Ive got 16 VLANS that is hosted at one site located a few hundred kilometers away from my secondary site and i want to be able to push the vlans from the main site to the secondary site and then be able to distriube those via a switch at the remote site

The sites currently will be connected via either Sonicwalls or WatchGuard UTM Appliances

Any help or suggestions on this would be greatly appreciated
0

Vulnerabilities

6K

Solutions

8K

Contributors

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.