CLSA-2021-1634922818 Fixed CVE-2021-23017 in nginx

Update fix for CVE-2021-23017 accoding nginx.org recomendations...

CLSA-2021-1634922789 Fixed CVE-2021-23017 in nginx

Fixed CVE-2021-23017 : Off-by-one in ngxresolvercopy when - labels are followed by a pointer to a root domain name...

Kubernetes: Ingress-nginx annotation injection allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces

I submitted the following report to [email protected]: I've been exploring CVE-2021-25742 and believe I've discovered a variant although it appears there may be many. Most template variables are not escaped properly in nginx.tmpl, leading to injection of arbitrary nginx directives. For...

CVE-2021-25742

A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster...

ingress-nginx 安全漏洞

ingress-nginx is an open source entry controller for Kubernetes that uses NGINX as a reverse proxy and load balancer. A security vulnerability exists in ingress-nginx that stems from the fact that a user who creates or updates an ingress object can use the custom snippet feature to gain access to...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.3 bug fix, security, and image updates

Red Hat Advanced Cluster Management for Kubernetes 2.3.3 General Availability release images, which fix bugs, provide security fixes, and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS ba...

USN-5109-1 nginx vulnerability

It was discovered that nginx incorrectly handled files with certain modification dates. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact...

USN-5109-1: nginx vulnerability

It was discovered that nginx incorrectly handled files with certain modification dates. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact...

Ubuntu 16.04 ESM : nginx vulnerability (USN-5109-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5109-1 advisory. It was discovered that nginx incorrectly handled files with certain modification dates. A remote attacker could possibly use this issue to cause a denial of servi...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.2.9 security, bug, and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.2.9 General Availability release images, which provide security updates, one or more container updates, and bug fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...

CVE-2021-3882

LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypted connection HTTP, an attacker may be able to obtain the authentication data by capturing network...

Command injection

LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypted connection HTTP, an attacker may be able to obtain the authentication data by capturing network...

CVE-2021-3882

LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypted connection HTTP, an attacker may be able to obtain the authentication data by capturing network...

CVE-2021-3882

LedgerSMB CVE-2021-3882 concerns the Secure attribute on the session authorization cookie. The vulnerability arises when LedgerSMB servers behind a reverse proxy respond to unencrypted HTTP; an attacker who can observe traffic and trick a user into using HTTP could obtain the authentication cooki...

CVE-2021-3882

LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypted connection HTTP, an attacker may be able to obtain the authentication data by capturing network...

Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection

Exploit Title: Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection Date: 05.10.2021 Exploit Author: Emel Basayar Vendor: Odine Solutions - odinesolutions.com Vendor Homepage: https://odinesolutions.com/software/gatekeeper-simbox-antifraud/ Version: 1.0 Category: Webapps Tested on: Ubunt...

Odine Solutions GateKeeper 1.0 SQL Injection

Exploit Title: Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection Date: 05.10.2021 Exploit Author: Emel Basayar Vendor: Odine Solutions - odinesolutions.com Vendor Homepage: https://odinesolutions.com/software/gatekeeper-simbox-antifraud/ Version: 1.0 Category: Webapps Tested on: Ubunt...

Odine Solutions GateKeeper 1.0 - (trafficCycle) SQL Injection Vulnerability

Exploit Title: Odine Solutions GateKeeper 1.0 - 'trafficCycle' SQL Injection Exploit Author: Emel Basayar Vendor: Odine Solutions - odinesolutions.com Vendor Homepage: https://odinesolutions.com/software/gatekeeper-simbox-antifraud/ Version: 1.0 Category: Webapps Tested on: Ubuntu 18 TLS...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Nginx. Vulnerability Details CVEID: CVE-2021-23017 DESCRIPTION: NGINX could allow a remote attacker to execute arbitrary code on the system, caused by an off-by-one error in ngxresolvercopy while processing D...

PHP_SELFish Part 1 – Reflected XSS in underConstruction Plugin

Today’s post is part one of a two part blog post. It describes a cross site scripting vulnerability that exploits the PHPSELF variable. Tomorrow we will publish part two, which describes another plugin suffering from a similar vulnerability related to the use of PHPSELF. So be sure to look out fo...