SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: OpenSSL issues patches for critical denial-of-service vulnerability
Description: OpenSSL disclosed and patched a denial-of-service vulnerability last week that could allow adversaries to completely crash servers. An attacker could cause a null pointer dereference, and then send a specially crafted, malicious request to crash the targeted server. OpenSSL is one of the most popular software libraries on the internet. It is a toolkit for TLS or SSL and serves as a general cryptographic library. The maintainers behind the toolkit also fixed a separate vulnerability that could prevent apps from detecting and rejecting unsigned TLS certificates.
Snort SID: 56942 – 56944, 56957 - 56963
Title: Critical vulnerabilities in Cisco Jabber for mobile, desktop devices
Description: Cisco fixed multiple vulnerabilities in the Jabber messaging software that affects versions for mobile devices, MacOS and Windows. An attacker could exploit any of these bugs to execute arbitrary programs on the underlying operating system with elevated privileges. They could also potentially access sensitive information, intercept protected network traffic or cause a denial of service. Adversaries only need to exploit one of the vulnerabilities disclosed this week to carry out these malicious actions. They also must be able to authenticate to an Extensible Messaging and Presence Protocol (XMPP) server that the affected software uses and be able to send XMPP messages to a targeted system.
Snort SIDs: 55016 – 55018, 56572, 56573, 56575, 56576, 56588 – 56591, 57351 – 57354, 57359