Lucene search
K

108 matches found

CNVD
CNVD
added 2020/07/13 12:0 a.m.3 views

Facebook osquery elevation of privilege vulnerability

Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. An elevation of privilege vulnerability exists in Facebook osquery versions prior to 4.4.0. The vulnerability stems from the fact that when a Windows system is...

8.2CVSS6.9AI score0.00587EPSS
Exploits1References1
NVD
NVD
added 2020/07/10 7:15 p.m.30 views

CVE-2020-11081

osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...

8.2CVSS0.00587EPSS
Exploits1References5
OSV
OSV
added 2020/07/10 7:15 p.m.12 views

CVE-2020-11081

osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...

8.2CVSS6.8AI score
Exploits0References5
Prion
Prion
added 2020/07/10 7:15 p.m.21 views

Privilege escalation

osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...

4.4CVSS8.1AI score0.00587EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2020/07/10 6:45 p.m.34 views

CVE-2020-11081 osquery susceptible to DLL search order hijacking of zlib1.dll

osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...

5.3CVSS8.1AI score0.00587EPSS
Exploits1References5
CVE
CVE
added 2020/07/10 6:45 p.m.58 views

CVE-2020-11081

The vulnerability CVE-2020-11081 affects osquery prior to 4.4.0 on Windows. If PATH includes a user-writable directory, a local attacker can place a malicious zlib1.dll that osquery will load, enabling local privilege escalation because osquery runs with elevated privileges. Affected software: os...

8.2CVSS6.5AI score0.00587EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2020/07/10 12:0 a.m.4 views

PT-2020-12538 · Facebook · Osquery

Name of the Vulnerable Software and Affected Versions: osquery versions prior to 4.4.0 Description: The issue allows for a privilege escalation. If a Windows system has a PATH containing a user-writable directory, a local user can create a zlib1.dll DLL that osquery will attempt to load, enabling...

8.2CVSS8.2AI score0.00587EPSS
Exploits1References9
NVD
NVD
added 2020/03/13 12:15 a.m.22 views

CVE-2020-1887

Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...

9.1CVSS9.1AI score0.01281EPSS
Exploits0References2
OSV
OSV
added 2020/03/13 12:15 a.m.21 views

CVE-2020-1887

Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...

9.1CVSS6.8AI score0.01281EPSS
Exploits0References2
Prion
Prion
added 2020/03/13 12:15 a.m.16 views

Input validation

Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...

5.8CVSS9AI score0.01281EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/03/13 12:0 a.m.6 views

Facebook osquery trust management issue vulnerability

Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. A trust management issue vulnerability exists in Facebook osquery versions 2.9.0 through 4.2.0 excluding versions 2.9.0 and 4.2.0, which stems from the program...

9.1CVSS6.9AI score0.01281EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/03/12 11:50 p.m.22 views

CVE-2020-1887

Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...

9.2AI score0.01281EPSS
Exploits0References2
CVE
CVE
added 2020/03/12 11:50 p.m.102 views

CVE-2020-1887

CVE-2020-1887 affects osquery versions post-2.9.0 and before 4.2.0, where TLS SNI hostname validation is incorrect. This could allow an attacker to perform a MITM on osquery traffic if no root trust chain is configured. Remediation: upgrade to 4.2.0 or later (or apply vendor guidance). The connec...

9.1CVSS9.1AI score0.01281EPSS
Exploits0References2Affected Software1
ossfuzz
ossfuzz
added 2020/02/22 6:24 p.m.14 views

osquery:osqueryfuzz-sqlquery: Heap-use-after-free in binCollFunc

Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5174631483047936 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-sqlquery Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: Heap-use-after-free READ 1 Crash Address:...

6.8AI score
Exploits0Affected Software1
Kitploit
Kitploit
added 2019/11/18 12:30 p.m.200 views

DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices

DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing. Purpose This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and som...

7.5AI score
Exploits0References17
ossfuzz
ossfuzz
added 2019/11/03 3:3 a.m.16 views

osquery:osqueryfuzz-sqlquery: Heap-buffer-overflow in sqlite3VdbeMemSetStr

Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5657577178529792 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-sqlquery Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/10/28 1:13 a.m.48 views

osquery:osqueryfuzz-config: Heap-buffer-overflow in bool rapidjson::GenericValue<rapidjson::UTF8<char>, rapidjson::MemoryPoolAllocat

Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5082304661946368 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address:...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/10/15 9:37 a.m.28 views

osquery:osqueryfuzz-config: Crash in bool rapidjson::GenericValue<rapidjson::UTF8<char>, rapidjson::MemoryPoolAllocat

Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5684053100986368 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x01807fff8001...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2019/10/15 2:24 a.m.27 views

osquery:osqueryfuzz-config: Crash in rapidjson::internal::FastPath

Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5751874325577728 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x0001000c821b...

6.8AI score
Exploits0Affected Software1
Carbon Black Blog
Carbon Black Blog
added 2019/07/11 12:0 p.m.55 views

Congratulations to our Query of the Month Winner for June 2019!

Last month, we launched our Query of The Month competition, which recognizes the top community-shared query that provides value to other Osquery users. To determine the query of the month, our team selects the community-shared query that has the most engagement or helps solve an important problem...

1.8AI score
Exploits0
Rows per page
Query Builder