UPDATE: Sysdig Falco v0.15.0

PenTestIT RSS Feed Three days ago, an updated version – Sysdig Falco v0.15.0 – was released. It has been some time since I last blogged about this open source behavorial activity monitor which has container support. This release incorporates a lot of rule updates that are now also tagged the for...

JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()

In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...

Authentication Bypass

Tomcat is vulnerable to authentication bypass vulnerability. This is because, when using an OCSP responder Apache Tomcat Native does not correctly handle invalid responses. Users could authenticate with revoked certificates when using mutual TLS as the revoked client certificates are improperly...

4everland-pinning (>=1.0.4 <=1.0.10), @0x5e/homebridge-tuya-platform (>=1.6.0 <=1.7.0-beta.58) +3245 more potentially affected by CVE-2019-5432 via mqtt-packet (>=6.0.0 <=6.10.0)

mqtt-packet NPM version =6.0.0, =1.0.4, =1.6.0, =1.0.1, =0.2.0, =0.4.19, =0.12.0, =0.1.5, =0.1.8, =0.1.3, =0.12.0, =0.1.0, =0.8.3, =0.12.0, =0.12.0, =0.12.0, =0.14.4 and more Source cves: CVE-2019-5432 Source advisory: OSV:GHSA-WV67-9JQ7-8R69...

Fedora Update for mariadb-connector-c FEDORA-2018-0d2b97271c

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Timing Attack

express-basic-auth is vulnerable to timing attacks. The usage of native string comparison allows a remote attacker to guess secrets such as user passwords by analyzing server response time on different input...

UPDATE: Sysdig Falco v0.14.0

PenTestIT RSS Feed Recently, an updated version - Sysdig Falco v0.14.0 - was released. It has been some time since I last blogged about this open source behavorial activity monitor which has container support. What is Sysdig Falco? Sysdig Falco is an open source, behavioral activity monitor...

PT-2019-11339 · Red Hat +3 · Red Hat Openshift Container Platform +2

Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 2.150.2 Jenkins versions prior to 2.160 Jenkins versions 2.171 and earlier Jenkins LTS versions 2.164.1 and earlier Oracle Communications Cloud Native Core Automated Test Suite affected versions not specified Redhat...

@anzeblabla/react-native-markdown-editor (>=1.0.3 <=2.1.1), @gorangajic/react-native-markdown (=0.1.1) +22 more potentially affected by CVE-2019-9844 via simple-markdown (>=0.0.9 <=0.4.2)

simple-markdown NPM version =0.0.9, =1.0.3, =1.3.0, =1.0.1, =1.0.4, =2.3.0, =0.1.0, =1.2.0, =2.4.0, =1.2.0, =1.1.0, =1.0.0, =1.10.0 and more Source cves: CVE-2019-9844 Source advisory: OSV:GHSA-QJ3F-9GMQ-FWV5...

Spoofing

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g aka the MIUI native browser and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user...

CVE-2019-10875

CVE-2019-10875 is a URL-spoofing vulnerability in Xiaomi Mi Browser (international) 10.5.6-g and Mint Browser 1.5.3 caused by how the q parameter is handled: the portion of the https URL before ?q= is not displayed, enabling spoofing of the address bar. Several public sources document a PoC and p...

CVE-2019-9946

Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE-...

CVE-2019-9946

Cloud Native Computing Foundation CNCF CNI Container Networking Interface 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE-...

CVE-2019-9946

Summary: CVE-2019-9946 affects Cloud Native Computing Foundation (CNCF) CNI 0.7.4 used with Kubernetes. The portmap plugin in CNI inserts rules at the front of the iptables nat chains, giving them precedence over the KUBE-SERVICES chain. This could cause HostPort/portmap rules to match traffic ev...

JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()

In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...

How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs

Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and...

JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()

In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...

JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()

In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...

[SECURITY] Fedora 29 Update: php-typo3-phar-stream-wrapper2-2.0.1-1.fc29

Interceptors for PHP's native phar:// stream handling v2. Autoloader: /usr/share/php/TYPO3/PharStreamWrapper2/autoload.php...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.0 Service Pack 2 security and bug fix update

An update is now available for Red Hat JBoss Web Server 5.0 for RHEL 6 and Red Hat JBoss Web Server 5.0 for RHEL 7. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...