KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit

August 17, 2023

Read Time:20 Second

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 17

Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit
Advisory ID: KL-001-2023-003
Publication Date: 2023.08.17
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2023-003.txt

1. Vulnerability Details

Affected Vendor: ThousandEyes
Affected Product:…

Advisories

KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump

August 17, 2023

Read Time:20 Second

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 17

KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump

Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump
Advisory ID: KL-001-2023-002
Publication Date: 2023.08.17
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2023-002.txt

1. Vulnerability Details

Affected Vendor: ThousandEyes
Affected Product: ThousandEyes…

Advisories

KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig

August 17, 2023

Read Time:21 Second

Posted by KoreLogic Disclosures via Fulldisclosure on Aug 17

KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig

Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig
Advisory ID: KL-001-2023-001
Publication Date: 2023.08.17
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2023-001.txt

1. Vulnerability Details

Affected Vendor: ThousandEyes
Affected Product: ThousandEyes…

Advisories

USN-6299-1: poppler vulnerabilities

August 17, 2023

Read Time:14 Second

It was discovered that poppler incorrectly handled certain malformed PDF
files. If a user or an automated system were tricked into opening a
specially crafted PDF file, a remote attacker could possibly use this
issue to cause a denial of service. (CVE-2020-36023, CVE-2020-36024)

News

LinkedIn under attack, hackers seize accounts

August 17, 2023

Read Time:10 Second

Security researchers have identified that a widespread LinkedIn hacking campaign has seen many users locked out of their accounts worldwide.

Read more in my article on the Tripwire State of Security blog.

News

CISA Launches Joint Initiative to Secure RMM Software

August 17, 2023

Read Time:4 Second

It was created with industry and government stakeholders via the Joint Cyber Defense Collaborative

News

Critical Flaws in PowerShell Gallery Enable Malicious Exploits

August 17, 2023

Read Time:3 Second

Aqua Nautilus exposed naming policy, ownership verification and module exposure vulnerabilities

News

Phishing Spree Targets Zimbra Collaboration Account Holders

August 17, 2023

Read Time:5 Second

ESET said the campaign mainly targeted SMEs and governmental entities in Poland, Ecuador and Italy

Advisories

USN-6294-2: HAProxy vulnerability

August 17, 2023

Read Time:15 Second

USN-6294-1 fixed vulnerabilities in HAProxy. This update provides the
corresponding updates for Ubuntu 20.04 LTS.

Original advisory details:

Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length
headers. A remote attacker could possibly use this issue to manipulate the
payload and bypass certain restrictions.

Advisories

USN-6298-1: ZZIPlib vulnerabilities

August 17, 2023

Read Time:25 Second

Liu Zhu discovered that ZZIPlib incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2018-7727)

YiMing Liu discovered that ZZIPlib incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2020-18442)

Cyber Security News

Monthly Archives: August 2023

KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit

KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation via tcpdump

KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Read via sudo dig

USN-6299-1: poppler vulnerabilities

LinkedIn under attack, hackers seize accounts

CISA Launches Joint Initiative to Secure RMM Software

Critical Flaws in PowerShell Gallery Enable Malicious Exploits

Phishing Spree Targets Zimbra Collaboration Account Holders

USN-6294-2: HAProxy vulnerability

USN-6298-1: ZZIPlib vulnerabilities

News, Advisories and much more