
BIG-IP AFM & PEM Security Vulnerabilities

krebs

Stark Industries Solutions: An Iron Hammer in the Cloud

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government.....

6.8 AI Score

2024-05-23 11:32 PM
1
wolfi

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: scorecard, falco, kubernetes-csi-external-attacher, external-secrets-operator, ollama, policy-controller, temporal, flux-source-controller, doppler-kubernetes-operator, kubeadm-bootstrap-controller, aws-ebs-csi-driver, kots, k3s, weaviate, terraform-provider-aws,...

7.5 AI Score

2024-05-23 09:07 PM
119
wolfi

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler, kubernetes-dns-node-cache, kubernetes-csi-driver-hostpath, node-feature-discovery, calico, spark-operator, nodetaint, local-static-provisioner, aws-ebs-csi-driver, kubeflow-pipelines, ip-masq-agent,...

3.8 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
34
wolfi

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: scorecard, falco, kubernetes-csi-external-attacher, ollama, flux-source-controller, prometheus-blackbox-exporter, kots, weaviate, nginx-mainline, terraform-provider-aws, memcached-exporter, kind, spark-operator, gitness, kubewatch, pulumi-language-yaml, argo-cd,...

8.7 AI Score

0.72 EPSS

2024-05-23 09:07 PM
486
wolfi

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

6.5 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
128
wolfi

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: dive, helm-push, scorecard, kubernetes-csi-external-attacher, hello-world-golang, direnv, external-secrets-operator, policy-controller, flux-source-controller, ghaudit, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, flyte, cilium-cli, spqr,...

7.5 AI Score

2024-05-23 09:07 PM
6
wolfi

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: dive, helm-push, scorecard, kubernetes-csi-external-attacher, hello-world-golang, direnv, external-secrets-operator, policy-controller, flux-source-controller, ghaudit, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, flyte, cilium-cli, spqr,...

6.5 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
8
wolfi

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: go-licenses, sonobuoy, flannel-cni-plugin, helm-push, mage, scorecard, falco, k3d, cilium-envoy, aws-flb-kinesis, cni-plugins, aws-flb-firehose, gobuster, go-md2man, cortex, gosu, go-bindata, nats, ctop, kind, nsc, oras, kubernetes-dashboard-metrics-scraper,...

8.2 AI Score

0.001 EPSS

2024-05-23 09:07 PM
49
wolfi

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

7.5 AI Score

2024-05-23 09:07 PM
20
wolfi

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

6.5 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
30
wolfi

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: dive, helm-push, policy-controller, temporal, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, cni-plugins, k3s, cilium-cli, step-issuer, velero-plugin-for-csi, helm-operator, kubewatch, spegel, kubernetes, speedtest-go, ipfs, amass, aws-flb-cloudwatch,...

6.9 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
38
wolfi

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: scorecard, falco, kubernetes-csi-external-attacher, external-secrets-operator, ollama, policy-controller, temporal, flux-source-controller, doppler-kubernetes-operator, kubeadm-bootstrap-controller, aws-ebs-csi-driver, kots, k3s, weaviate, terraform-provider-aws,...

6.7 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
20
wolfi

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

7.5 AI Score

2024-05-23 09:07 PM
14
wolfi

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

7.5 AI Score

2024-05-23 09:07 PM
15
wolfi

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

7.5 AI Score

2024-05-23 09:07 PM
14
wolfi

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: dive, helm-push, policy-controller, temporal, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, cni-plugins, k3s, cilium-cli, step-issuer, velero-plugin-for-csi, helm-operator, kubewatch, spegel, kubernetes, speedtest-go, ipfs, amass, aws-flb-cloudwatch,...

7.5 AI Score

2024-05-23 09:07 PM
14
wolfi

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: cluster-autoscaler, aws-ebs-csi-driver, prometheus-adapter, spark-operator, calico, aws-efs-csi-driver, kubernetes-dns-node-cache, ip-masq-agent,...

7.5 AI Score

2024-05-23 09:07 PM
10
wolfi

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler, aws-ebs-csi-driver, prometheus-adapter, spark-operator, calico, aws-efs-csi-driver, kubernetes-dns-node-cache, ip-masq-agent,...

8.9 AI Score

0.001 EPSS

2024-05-23 09:07 PM
29
wolfi

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: dive, helm-push, scorecard, kubernetes-csi-external-attacher, hello-world-golang, direnv, external-secrets-operator, policy-controller, flux-source-controller, ghaudit, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, flyte, cilium-cli, spqr,...

7.5 AI Score

2024-05-23 09:07 PM
15
wolfi

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

6.5 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
13
wolfi

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: go-licenses, sonobuoy, flannel-cni-plugin, helm-push, mage, scorecard, falco, k3d, cilium-envoy, aws-flb-kinesis, cni-plugins, aws-flb-firehose, gobuster, go-md2man, cortex, gosu, go-bindata, nats, ctop, kind, nsc, oras, kubernetes-dashboard-metrics-scraper,...

7.5 AI Score

2024-05-23 09:07 PM
15
wolfi

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: go-licenses, sonobuoy, flannel-cni-plugin, helm-push, mage, scorecard, falco, k3d, cilium-envoy, aws-flb-kinesis, cni-plugins, aws-flb-firehose, gobuster, go-md2man, cortex, gosu, go-bindata, nats, ctop, kind, nsc, oras, kubernetes-dashboard-metrics-scraper,...

7.5 AI Score

2024-05-23 09:07 PM
12
wolfi

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: scorecard, falco, kubernetes-csi-external-attacher, ollama, flux-source-controller, prometheus-blackbox-exporter, kots, weaviate, nginx-mainline, terraform-provider-aws, memcached-exporter, kind, spark-operator, gitness, kubewatch, pulumi-language-yaml, argo-cd,...

7.5 AI Score

2024-05-23 09:07 PM
20
wolfi

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

7.5 AI Score

2024-05-23 09:07 PM
14
wolfi

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: go-licenses, sonobuoy, flannel-cni-plugin, helm-push, mage, scorecard, falco, k3d, cilium-envoy, aws-flb-kinesis, cni-plugins, aws-flb-firehose, gobuster, go-md2man, cortex, gosu, go-bindata, nats, ctop, kind, nsc, oras, kubernetes-dashboard-metrics-scraper,...

7.5 AI Score

0.001 EPSS

2024-05-23 09:07 PM
21
wolfi

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

6.5 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
11
wolfi

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler, kubernetes-dns-node-cache, kubernetes-csi-driver-hostpath, node-feature-discovery, calico, spark-operator, nodetaint, local-static-provisioner, aws-ebs-csi-driver, kubeflow-pipelines, ip-masq-agent,...

7.5 AI Score

2024-05-23 09:07 PM
6
wolfi

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: dive, kube-rbac-proxy, helm-push, scorecard, falco, hello-world-golang, direnv, kubernetes-csi-external-attacher, yq, temporal, doppler-kubernetes-operator, prometheus-blackbox-exporter, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, cni-plugins, k3s,...

6.5 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
13
wolfi

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: dive, helm-push, scorecard, kubernetes-csi-external-attacher, hello-world-golang, direnv, external-secrets-operator, policy-controller, flux-source-controller, ghaudit, kubeadm-bootstrap-controller, aws-ebs-csi-driver, http-echo, flyte, cilium-cli, spqr,...

6.5 AI Score

0.0004 EPSS

2024-05-23 09:07 PM
6
osv

Silverstripe Hostname, IP and Protocol Spoofing through HTTP Headers

In its default configuration, SilverStripe trusts all originating IPs to include HTTP headers for Hostname, IP and Protocol. This enables reverse proxies to forward requests while still retaining the original request information. Trusted IPs can be limited via the SS_TRUSTED_PROXY_IPS constant....

7 AI Score

2024-05-23 07:27 PM
1
github

Silverstripe Hostname, IP and Protocol Spoofing through HTTP Headers

In its default configuration, SilverStripe trusts all originating IPs to include HTTP headers for Hostname, IP and Protocol. This enables reverse proxies to forward requests while still retaining the original request information. Trusted IPs can be limited via the SS_TRUSTED_PROXY_IPS constant....

7 AI Score

2024-05-23 07:27 PM
1
redhatcve

CVE-2021-47293

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $.....

7.3 AI Score

0.0004 EPSS

2024-05-23 01:31 PM
1
redhatcve

CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) returned -EINVAL and not...

7 AI Score

0.0004 EPSS

2024-05-23 01:30 PM
redhatcve

CVE-2021-47266

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the....

7 AI Score

0.0004 EPSS

2024-05-23 01:29 PM
rapid7blog

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

The following Rapid7 team members contributed to this blog: Ipek Solak, Thomas Elkins, Evan McCann, Matthew Smith, Jake McMahon, Tyler McGraw, Ryan Emmons, Stephen Fewer, and John Fenninger Overview Justice AV Solutions (JAVS) is a U.S.-based company specializing in digital audio-visual recording.....

7.3 AI Score

0.0004 EPSS

2024-05-23 01:00 PM
2
kitploit

Go-Secdump - Tool To Remotely Dump Secrets From The Windows Registry

Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive without any remote agent and without touching disk. The tool is built on top of the library go-smb and use it to communicate with the Windows...

7.3 AI Score

2024-05-23 12:30 PM
3
securelist

ShrinkLocker: Turning BitLocker into ransomware

Introduction Attackers always find creative ways to bypass defensive features and accomplish their goals. This can be done with packers, crypters, and code obfuscation. However, one of the best ways of evading detection, as well as maximizing compatibility, is to use the operating system's own...

6.8 AI Score

2024-05-23 12:00 PM
3
redhatcve

CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For...

7 AI Score

2024-05-23 11:12 AM
2
redhatcve

CVE-2023-52780

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not...

6.8 AI Score

2024-05-23 11:10 AM
1
redhatcve

CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following (harmless) WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230...

6.8 AI Score

0.0004 EPSS

2024-05-23 11:05 AM
1
securelist

A journey into forgotten Null Session and MS-RPC interfaces

A journey into forgotten Null Session and MS-RPC interfaces (PDF) It has been almost 24 years since the null session vulnerability was discovered. Back then, it was possible to access SMB named pipes using empty credentials and collect domain information. Most often, attackers leveraged null...

7.4 AI Score

2024-05-23 09:00 AM
1
nessus

RHEL 8 : perl:5.32 (RHSA-2024:3128)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3128 advisory. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): *...

7.2 AI Score

2024-05-23 12:00 AM
nessus

RHEL 8 : traceroute (RHSA-2024:3211)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3211 advisory. The traceroute utility displays the route used by IP packets on their way to a specified network (or Internet) host. Security Fix(es): *...

7.2 AI Score

2024-05-23 12:00 AM
nessus

RHEL 8 : frr (RHSA-2024:2981)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2981 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP,...

7.3 AI Score

2024-05-23 12:00 AM
nessus

RHEL 8 : bind and dhcp (RHSA-2024:3271)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3271 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named);.....

7.5 AI Score

2024-05-23 12:00 AM
1
ubuntucve

CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following (harmless) WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230...

7.2 AI Score

0.0004 EPSS

2024-05-23 12:00 AM
1
cloudfoundry

USN-6733-1: GnuTLS vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-28834) It was...

7.4 AI Score

0.0005 EPSS

2024-05-23 12:00 AM
qualysblog

TotalCloud Insights: Uncovering the Hidden Dangers in Google Cloud Dataproc

Summary The Apache Hadoop Distributed File System (HDFS) can be vulnerable to data compromise when a Compute Engine cluster is in a public-facing virtual private cloud (VPC) or shares the VPC with other Compute Engine instances. Google Cloud Platform (GCP) provides a default VPC called 'default.'.....

8.3 AI Score

2024-05-22 05:53 PM
4
hackread

Criminal IP: Enhancing Security Solutions through AWS Marketplace Integration

By Cyber Newswire AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal… This is a post from HackRead.com Read the original post: Criminal IP: Enhancing Security Solutions through AWS Marketplace...

7.3 AI Score

2024-05-22 02:00 PM
2
kitploit

Above - Invisible Network Protocol Sniffer

Invisible protocol sniffer for finding vulnerabilities in the network. Designed for pentesters and security engineers. Above: Invisible network protocol sniffer Designed for pentesters and security engineers Author: Magama Bazarov, <[email protected]> Pseudonym: Caster Version: 2.6 ...

7.1 AI Score

2024-05-22 12:30 PM
6

Total number of security vulnerabilities: 66735