Read Time:8 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability.
Monthly Archives: August 2022
ZDI-22-1036: NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1037: NetBSD Kernel getkerninfo System Call Uninitialized Memory Information Disclosure Vulnerability
Read Time:11 Second
This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Traceable AI adds eBPF to security platform for deeper API observability and visibility
Read Time:36 Second
API security firm Traceable AI has announced the addition of extended Berkeley Packet Filter (eBPF) data to its platform to enhance API observability and visibility. eBPF is a technology that makes it possible to run special programs deep inside the Linux operating system in an isolated way.
A variant of BPF, it has become a universal in-kernel virtual machine that allows teams to collect data from Linux applications and network resources more easily and efficiently. By adding eBPF data to its platform, Traceable AI said it is helping CISOs, DevSecOps, and DevOps teams improve API security postures without the need to change kernel source code or add instrumentation.
Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command Execution
Read Time:20 Second
Posted by malvuln on Aug 01
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6969. Third-party adversaries
who can reach infected hosts can run commands made available by the…
Backdoor.Win32.Destrukor.20 / Authentication Bypass
Read Time:18 Second
Posted by malvuln on Aug 01
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 6969. However, after sending a
specific cmd “rozmiar” the backdoor returns “moznasciagac” in Polish…
DSA-5198 jetty9 – security update
Read Time:4 Second
Two security vulnerabilities were discovered in Jetty, a Java servlet engine
and webserver.
webkit2gtk3-2.36.5-2.fc35
Read Time:17 Second
FEDORA-2022-513f28a4be
Packages in this update:
webkit2gtk3-2.36.5-2.fc35
Update description:
Add support for PAC proxy in the WebDriver implementation.
Fix video playback when loaded through custom URIs, this fixes video playback in the Yelp documentation browser.
Fix several crashes and rendering issues.
Security fixes: CVE-2022-32792, CVE-2022-32816
Living off the Land: The Power Behind PowerShell
Read Time:6 Second
CIS has released a guide that provides organizations with a strategic and multi-faceted approach for securing against attacks using PowerShell.
golang-1.17.12-1.el7
Read Time:16 Second
FEDORA-EPEL-2022-ced30d9530
Packages in this update:
golang-1.17.12-1.el7
Update description:
Update to 1.17.12, security fixes for CVE-2022-30629, CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, CVE-2022-28131, CVE-2022-30633, CVE-2022-30632, CVE-2022-30635, CVE-2022-30630, CVE-2022-1962