52 matches found
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.
...
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises
Today, the Australian Signals Directorate Australian Cyber Security Centre ASD ACSC, the Cybersecurity and Infrastructure Security Agency CISA, and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromiseslink is external. This guide...
AS-REP Roasting
Active Directory users that have the Kerberos pre-authentication enabled and require access to a resource initiate the Kerberos authentication process by sending an Authentication Server… Continue reading - AS-REP Roasting...
PT-2023-29442 · 1E · 1E Client Mac +1
Name of the Vulnerable Software and Affected Versions: 1E Client versions prior to the version with patch Q23094 1E Client Mac versions prior to v8.1.2.62 1E Client Mac versions between v8.1 and v23.11 exclusive Description: In the affected version of the 1E Client, an ordinary user could subvert...
CVE-2023-36871
Azure Active Directory Security Feature Bypass Vulnerability...
Five Eyes Alliance Advisory & Using Threat Intelligence
Trellix Global Defenders: Five Eyes Alliance Advisory and Using Threat Intelligence to Protect Against Future Attacks By Taylor Mullins · May 6, 2022 Evolving intelligence continues to indicate that the Russian government is exploring options to launch cyberattacks in retaliation against...
GitHub CLI can execute a git binary from the current directory
Impact GitHub CLI depends on a git.exe executable being found in system %PATH% on Windows. However, if a malicious .\git.exe or .\git.bat is found in the current working directory at the time of running gh, the malicious command will be invoked instead of the system one. Windows users who run gh...
A week in security (June 21 – June 27)
Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11 Atomic research institute breached via VPN vulnerability Hotel staff bust Hermes SMS scammer with suspiciously large number of cables City of Liège hit by...
SQL Injection Vulnerability in Tianrongxin Webpage Tampering Prevention System
Web anti-tampering system is a protection product specially researched and developed for website tampering attacks. The main function of the system is to provide all-around protection for the Web site directory through the underlying file driving technology, preventing hackers, viruses and other...
Information Disclosure
courier-authlib is vulnerable to information disclosure. The vulnerability exists due to a /run/courier/authdaemon directory with weak permissions...
CVE-2021-25276
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files that include users' password hashes that is world readable and writable. An unprivileged Windows user having access to the server's filesystem can add an FTP user by copying a valid profile file to thi...
CVE-2021-25276
In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory containing user profile files that include users' password hashes that is world readable and writable. An unprivileged Windows user having access to the server's filesystem can add an FTP user by copying a valid profile file to thi...
openGauss: Restricting the Permission for the ${GAUSSHOME}/bin Directory
The $GAUSSHOME/bin directory stores database binary files. To prevent them from being tampered or damaged and protect customer information from security threats, this directory must be protected and deny unauthorized user access. Copyright C 2020 Greenbone Networks GmbH Some text descriptions mig...
LIVE Webinar on Zerologon Vulnerability: Technical Analysis and Detection
I am sure that many of you have by now heard of a recently disclosed critical Windows server vulnerability—called Zerologon—that could let hackers completely take over enterprise networks. For those unaware, in brief, all supported versions of the Windows Server operating systems are vulnerable t...
SCADAPack 7x Remote Connect Path Traversal Vulnerability
SCADAPack is a Schneider-electric intelligent field controller that combines the monitoring and communication capabilities of a Remote Terminal Unit RTU with the processing and data logging capabilities of a Programmable Logic Controller PLC to provide superior functionality for remote processes...
The vulnerability of the Environment Mgmt Console component in the Oracle PeopleSoft Enterprise PeopleTools business application suite, due to insufficient input data validation, allows attackers to modify, add, or delete data, or cause system downtime or service failures.
The vulnerability of the Security component of the Oracle Unified Directory application for simplified deployment in the Oracle Fusion Middleware software is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify, add, or delete data...
The vulnerability of the TIFFWriteDirectorySec function in software for viewing, editing, and converting TIFF files is related to pointer assignment errors, which allows an attacker to cause a service failure.
The vulnerability of the TIFFWriteDirectorySec function in software for viewing, editing, and converting TIFF files is related to the use of a zero pointer. Exploiting this vulnerability allows an attacker to cause service interruptions remotely...
PingCastle - Get Active Directory Security At 80% In 20% Of The Time
The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org. Ping Castle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment a...
The vulnerability of the fetch module in the Ansible configuration management system arises from incorrect restrictions on the path to the restricted-access directory. This allows attackers to gain unauthorized access to information and compromise its integrity.
The vulnerability of the fetch module in the Ansible configuration system is related to an incorrect path limitation for the restricted access directory. Exploiting this vulnerability could allow a local attacker to gain unauthorized access to information and compromise its integrity by copying a...
Security update for php5-smarty3 (moderate)
This update for php5-smarty3 fixes the following issues: - CVE-2018-16381: Prevent traversal vulnerability due to insufficient template code sanitization that allowed attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files...