many parts make the whole
Veeam has recently disclosed a vulnerability which allows unauthenticated access to cleartext credentials. A bad actor would only require network access to exploit this vulnerability and it has been assigned a CVSS score of 7.5 HIGH. Versions before 12.0.0.1420 P20230223 and 11.0.1.1261 P20230227 are vulnerable. Leaked credentials are especially concerning in this case because they … Read More “Veeam Backup & Replication – CVE-2023-27532” »
A buffer overflow vulnerability has been disclosed that could allow for local privilege escalation to root and leakage of stack and heap addresses. The CVSS score is 7.8 HIGH. A patch has been proposed and mitigation is available by disabling unprivileged user namespaces. This is another buffer overflow in nf_tables similar to the one we … Read More “KERNEL STACK BUFFER OVERFLOW in Linux – CVE-2023-0179” »
A vulnerability in the Linux kernel was recently disclosed that could allow a bad actor with local access to escalate to root privileges. A bug in nft_elem_init leads to a buffer overflow and allows for access as root. The vulnerability has a CVSS score of 7.8 HIGH. A patch has been released by the Linux … Read More “LINUX FIREWALL VULNERABILITY – CVE-2022-34918” »
A new privilege escalation vulnerability has been released for Active Directory. The vulnerability allows a low privileged user to escalate their privileges to Domain Administrator by abusing certificate based authentication. This vulnerability was patched as part of the May 2022 Microsoft Security Updates, so ensure you are up to date. Great writeup on the vulnerability … Read More “CERTIFRIED Active Directory DOMAIN PRIVILEGE ESCALATION – CVE-2022-26923” »
AWS released several hot patches to mitigate vulnerability to log4shell. Unfortunately Unit 42 at Palo Alto identified several severe vulnerabilities with their fixes, including container escape which is pretty much the holy grail of a cloud vulnerability. If you are not familiar, cloud infrastructure works by having a lot of hardware that is effectively “shared” … Read More “AWS Log4Shell PATCH VULNERABLE TO CONTAINER ESCAPE AND PRIV ESCALATION” »
Google is again issuing an update to address a zero-day vulnerability in Google Chrome since the beginning of this year. Type confusion could allow a bad actor to exploit heap corruption via a specially crafted HTML page. Currently this CVE is CVSS scored 8.8 HIGH. Google is acknowledging there is already an exploit in the … Read More “Google ISSUES SECOND UPDATE TO ADDRESS A ZERO-DAY VULNERABILITY in Google Chrome THIS YEAR – CVE-2022-1096” »
Log4j appears to be the gift that keeps on giving. The severity score for the second Log4j vulnerability, CVE-2021-45046, has been upgraded from a CVSS score of 3.7 to 9.0. The fix for the original CVE-2021-44228 in Apache Log4j has been found to be incomplete allowing for Remote Code Execution in certain configurations. LunaSec blog … Read More “SEVERITY UPGRADE for Log4Shell CVE-2021-45046” »
fail2ban is very useful piece of software that stops brute forcing attacks on a variety of services. Knowing that fail2ban exists is serious source of frustration for me personally when I am completing a vulnerable machine or an exercise and the solution is “just brute force credentials using hydra and X wordlist.” In the back … Read More “REMOTE CODE EXECUTION in fail2ban – CVE-2021-32749” »
As more and more people are working remotely virtual meeting apps like Zoom are becoming an essential part of many organizations. Although Zoom is no stranger to security issues, see CVE-2021-28133 and CVE-2021-30480, it is still widely in use. Personally I would recommend using an alternative like Teams or Webex, but to each their own. … Read More “REMOTE CODE EXECUTION in Zoom from Pwn2Own 2021” »
Exploit code is now available for CVE-2021-1675 allowing for Remote Code Execution. This vulnerability allows an unauthenticated bad actor to execute code as SYSTEM on vulnerable systems. Microsoft has released an advisory and patches are available here. There are reports that the patches alone are not sufficient at this time so you may want to … Read More “PrintNightmare – REMOTE CODE EXECUTION in Windows Spooler Service CVE-2021-1675” »