EulerOS 2.0 SP5 : nss (EulerOS-SA-2019-2174)

According to the version of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the...

EulerOS 2.0 SP5 : openssl110h (EulerOS-SA-2019-2218)

According to the versions of the openssl110h packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in th...

EulerOS 2.0 SP3 : openssl (EulerOS-SA-2019-2264)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it...

Donut - Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory

Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL including .NET Assemblies files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable such as Program.Main, it...

389-ds-base: DoS via hanging secured connections

It was found that encrypted connections did not honor the 'ioblocktimeout' parameter to end blocking requests. As a result, an unauthenticated attacker could repeatedly start a sufficient number of encrypted connections to block all workers, resulting in a denial of service...

U.S. Dept Of Defense: [HTAF4-213] [Pre-submission] CVE-2018-2879 (padding oracle attack in the Oracle Access Manager) at https://█████████

Description We were able to identify CVE-2018-2879 in Oracle Access Manager, used on the https://██████ Link to the CVE: https://nvd.nist.gov/vuln/detail/CVE-2018-2879 This vulnerability is rated critical, and may allow unauthenticated attacker with network access via HTTP to compromise Oracle...

UBoat - HTTP Botnet Project

A POC HTTP Botnet designed to replicate a full weaponised commercial botnet Disclaimer This project should be used for authorized testing or educational purposes only. The main objective behind creating this offensive project was to aid security researchers and to enhance the understanding of...

Hardcoded credentials

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard-coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with firmware...

CVE-2019-14926

CVE-2019-14926 concerns hard-coded SSH keys in Mitsubishi Electric ME-RTU (firmware up to 2.02) and INEA ME-RTU (up to 3.0). The root cause is static private-key values stored in /etc/ssh/ssh_host_rsa_key, /etc/ssh/ssh_host_ecdsa_key, and /etc/ssh/ssh_host_dsa_key that are publicly available from...

CVE-2019-14926

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Hard-coded SSH keys allow an attacker to gain unauthorised access or disclose encrypted data on the RTU due to the keys not being regenerated on initial installation or with...

Broadcom Brocade SANnav CVE-2019-16208 Weak Encryption Security Weakness

Description Broadcom Brocade SANnav is prone to a security weakness. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. Versions prior to Brocade SANnav 2.0 are vulnerable. Technologies Affected Broadcom Brocade SANnav...

Broadcom Brocade SANnav CVE-2019-16209 SSL Certificate Validation Security Bypass Vulnerability

Description Broadcom Brocade SANnav is prone to a security-bypass vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks and perform certain unauthorized actions, which will aid in further attacks. Versions prior to Brocade SANnav 2.0 are vulnerable. Technologies...

Broadcom Brocade SANnav CVE-2019-16210 Information Disclosure Vulnerability

Description Broadcom Brocade SANnav is prone to an information disclosure vulnerability Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks or cause a denial-of-service condition. Versions prior to Brocade SANnav 2.0 are...

Broadcom Brocade SANnav CVE-2019-16206 Information Disclosure Vulnerability

Description Broadcom Brocade SANnav is prone to an information disclosure vulnerability Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks or cause a denial-of-service condition. Versions prior to Brocade SANnav 2.0 are...

Verizon, AT&T, Sprint and T-Mobile to replace SMS with RCS Messaging in 2020

Mobile carriers in the United States will finally offer a universal cross-carrier communication standard for the next-generation RCS messaging service that is meant to replace SMS and has the potential to change the way consumers interact with brands for years to come. All major United States...

Cloud Foundry SMB Volume CVE-2019-11283 Information Disclosure Vulnerability

Description Cloud Foundry SMB Volume is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Technologies Affected Cloud Foundry SMB Volume 1.0.0 Cloud Foundry SMB Volume 1.1.0 Cloud Foundry...

Apple macOS Catalina Information Disclosure Vulnerability

Apple macOS Catalina is the United States Apple Apple company's set of Mac computers developed specifically for the operating system. PDFKit is one of the PDF document generation components. A security vulnerability exists in the handling of links in encrypted PDFs in the PDFKit component of Appl...

Fortinet FortiOS CVE-2019-15703 Insufficient Entropy Vulnerability

Description Fortinet FortiOS is prone to an insufficent entropy vulnerability. Remote attackers can exploit this issue to perform side-channel attacks and obtain sensitive information. This aids in other attacks. Technologies Affected Fortinet FortiOS 2.36.0 Fortinet FortiOS 2.50.0 Fortinet Forti...

CVE-2019-3767

Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially...

CVE-2019-3767

Dell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted information in the images it creates. A privileged user of a system running an operating system that was deployed with Dell ImageAssist could potentially...