Lucene search

8 matches found

Github Security Blog
added 2023/10/19 4:11 p.m., 20 views

Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free

Impact First, a little bit of background. So, in the beginning, Bunkum's AuthenticationService only supported injecting IUsers. However, as Refresh and SoundShapesServer implemented permissions systems support for injecting ITokens into endpoints was added. All was well until 4.0. Bunkum 4.0 then...

CVSS 5.3, AI score 6.3, EPSS 0.00127
Exploits 0, References 4, Affected Software 1
Vulnrichment
added 2023/10/18 9:22 p.m., 9 views

CVE-2023-45814 Tokens cached in the AuthenticationService are susceptible to reuse in Bunkum

Bunkum is an open-source protocol-agnostic request server for custom game servers. First, a little bit of background. So, in the beginning, Bunkum's AuthenticationService only supported injecting IUsers. However, as Refresh and SoundShapesServer implemented permissions systems support for injecti...

CVSS 5.3, AI score 7.1, EPSS 0.00127
Exploits 0, References 2
CNVD
added 2017/09/25 12:00 a.m., 1 view

Multiple DenyAll Product Authentication Vulnerabilities

DenyAll i-Suite LTS and others are Web firewall products from DenyAll France. An authentication vulnerability exists in several DenyAll products. A remote attacker can exploit this vulnerability by sending a typeOf=debug request to the /webservices/download/index.php file and reading the iToken...

CVSS 9.8, AI score 7.1, EPSS 0.72371
Exploits 2, References 1
OSV
added 2017/09/22 6:29 p.m., 0 views

CVE-2017-14706

DenyAll WAF before 6.4.1 allows unauthenticated remote attackers to obtain authentication information by making a typeOf=debug request to /webservices/download/index.php, and then reading the iToken field in the reply. This affects DenyAll i-Suite LTS 5.5.0 through 5.5.12, i-Suite 5.6, Web...

CVSS 9.8, AI score 5.8
Exploits 0, References 3
Prion
added 2017/09/22 6:29 p.m., 11 views

Design/Logic Flaw

DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...

CVSS 9.3, AI score 9.3, EPSS 0.72371
Exploits 3, References 3, Affected Software 2
Cvelist
added 2017/09/22 6:00 p.m., 13 views

CVE-2017-14705

DenyAll WAF before 6.4.1 allows unauthenticated remote command execution via TCP port 3001 because shell metacharacters can be inserted into the type parameter to the tailDateFile function in /webservices/stream/tail.php. An iToken authentication parameter is required but can be obtained by...

AI score 8.9, EPSS 0.04356
Exploits 1, References 3
exploitpack
added 2017/09/19 12:00 a.m., 11 views

DenyAll WAF 6.3.0 - Remote Code Execution (Metasploit)

DenyAll WAF 6.3.0 - Remote Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DenyAll Web Application Firewall Remote Code Execution", 'Description' = %q This module...

AI score 0.1
Exploits 0
Exploit DB
added 2017/09/19 12:00 a.m., 30 views

DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DenyAll Web Application Firewall Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of DenyAll We...

AI score 7.4
Exploits 0