February 22, 2020
Vulnerability Notification: Apache Tomcat File Inclusion Vulnerability
[Overview] Apache Tomcat is a free open source web application server. It is a relatively popular web application server, being widely used in the framework of web application services. Recently, a file of Tomcat was found to contain vulnerabilities. At present, a new version has been released for the vulnerability fix. Meanwhile, Hillstone Networks has…August 16, 2019
Vulnerability Notification: Windows RDP Remote Desktop Services Remote Code Execution
[Overview] Once the Windows RDP Remote Desktop Services worm-level remote code execution vulnerabilities (CVE-2019-1181, CVE-2019-1182) appeared, Hillstone Networks immediately issued an early warning. [Vulnerability Details] On August 14, 2019, Microsoft officially released a security patch containing two critical remote code execution vulnerabilities – CVE-2019-1181 and CVE-2019-1182. These two vulnerabilities are similar to the previously fixed…May 24, 2019
Vulnerability Notification: Remote Desktop Services Remote Code Execution
[Overview] Remote Desktop Services (RDS) is one of the components of Microsoft Windows that allow users to remotely access and take control of a computer or virtual machine. Recently, the Remote Desktop Services Remote Code Execution vulnerability was published officially. [Vulnerability Details] CVE-2019-0708: The vulnerability is pre-authentication and requires no user interaction. A remote attacker…March 1, 2019
Vulnerability Notification: Apache Subversion mod_dav_svn Denial of Service
[Overview] Subversion is an open source version control and software version control system that runs as a standalone server or as a module of the Apache HTTPD server. Recently, the denial of service vulnerability was fixed officially. [Vulnerability Details] CVE-2018-11803: The vulnerability is caused by improper dereference of an uninitialized pointer variable. A remote attacker…December 26, 2018