[email protected]      0333 939 8080

Jumpsec Labs
Jumpsec Labs

JUMPSEC LABS

The JUMPSEC Lab is a place where the the technical team get creative and showcase their latest security research, publications, interesting news and general thoughts!  We love what we do and are passionate about security, with some great upcoming projects planned, bookmark our site and stick around to see what we are working on.

Advisory CVE-2020-13773 – Ivanti Unified Endpoint Manager Reflected XSS

by xnand | Nov 13, 2020 | ,

Software: Ivanti Endpoint ManagerAffected Versions: <= 2020.1.1Vendor page: www.ivanti.comCVE Reference: CVE-2020-13773Published: 13/11/2020CVSS 3.1 Score: 5.5 - AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:LAttack Vector: Remote, authenticatedCredits: Andrei Constantin Scutariu, Lenk Ratchakrit, Calvin Yau Summary Various web pages on Ivanti Unified Endpoint Manager web management console lack proper input validation on parameters passed in HTTP request, leaving the application vulnerable to...

read more

Advisory CVE-2020-13774 – Ivanti Unified Endpoint Manager authenticated RCE via file upload

by xnand | Nov 12, 2020 | ,

Improper validation on file upload functionality present in Ivanti Unified Endpoint Manager’s web management console permits an authenticated user to upload .aspx files and execute them on the MS IIS server’s context. The issue is caused by insufficient file extension validation and insecure file operations on the uploaded image, which upon failure will leave the temporarily created files in an accessible location on the server.

read more

Short introduction to Network Forensics and Indicators of Compromise (IoC)

by | Jun 28, 2016 | , , , , ,

“Indicator of compromise (IOC) in computer forensics is an artifact observed on a network or in an operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs or domain names of botnet command and control servers. After IOCs have been identified in a process of incident response and computer forensics, they can be used for early detection of future attack attempts using intrusion detection...

read more

CVE 2015-7547 glibc getaddrinfo() DNS Vulnerability

by jstester007 | Mar 7, 2016 | , ,

Hello w0rld! JUMPSEC researchers have spent some time on the glibc DNS vulnerability indexed as CVE 2015-7547 (It hasn’t got a cool name like GHOST unfortunately…). It appears to be a highly critical vulnerability and covers a large number of systems. It allows remote code execution by a stack-based overflow in the client side DNS resolver. In this post we would like to present our analysis. Google POC overview Google POC Network Exploitation Timeline Google POC Exploit Code Analysis First...

read more

GitHub

JUMPSECLabs

Follow JumpsecLabs

Disclaimer

The information provided on this website is to be used for educational purposes only. The author is in no way responsible for any misuse of the information provided. Any actions and or activities related to the material contained within this website is solely your responsibility.

Jumpsec, Unit 3E – 3F, 33 – 34 Westpoint,
Warple Way, Acton
W3 0RG

To learn more about JUMPSEC's services please get in touch:

Give us a call: 0333 939 8080

Send us a message: [email protected]

To learn more about JUMPSEC'S services please get in touch:

Give us a call: 0333 939 8080

Send us a message: [email protected]

Jumpsec, Unit 3E – 3F, 33 – 34 Westpoint,
Warple Way, Acton, W3 0RG

© JUMPSEC 2020 | Privacy Policy
JUMPSEC Ltd. is a company registered in England and Wales. Registered Address: 1 Golden Court, Richmond, Surrey, TW9 1EU. Registration Number: 08327063