108 matches found
Facebook osquery elevation of privilege vulnerability
Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. An elevation of privilege vulnerability exists in Facebook osquery versions prior to 4.4.0. The vulnerability stems from the fact that when a Windows system is...
CVE-2020-11081
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...
CVE-2020-11081
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...
Privilege escalation
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...
CVE-2020-11081 osquery susceptible to DLL search order hijacking of zlib1.dll
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...
CVE-2020-11081
The vulnerability CVE-2020-11081 affects osquery prior to 4.4.0 on Windows. If PATH includes a user-writable directory, a local attacker can place a malicious zlib1.dll that osquery will load, enabling local privilege escalation because osquery runs with elevated privileges. Affected software: os...
PT-2020-12538 · Facebook · Osquery
Name of the Vulnerable Software and Affected Versions: osquery versions prior to 4.4.0 Description: The issue allows for a privilege escalation. If a Windows system has a PATH containing a user-writable directory, a local user can create a zlib1.dll DLL that osquery will attempt to load, enabling...
CVE-2020-1887
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...
CVE-2020-1887
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...
Input validation
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...
Facebook osquery trust management issue vulnerability
Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. A trust management issue vulnerability exists in Facebook osquery versions 2.9.0 through 4.2.0 excluding versions 2.9.0 and 4.2.0, which stems from the program...
CVE-2020-1887
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...
CVE-2020-1887
CVE-2020-1887 affects osquery versions post-2.9.0 and before 4.2.0, where TLS SNI hostname validation is incorrect. This could allow an attacker to perform a MITM on osquery traffic if no root trust chain is configured. Remediation: upgrade to 4.2.0 or later (or apply vendor guidance). The connec...
osquery:osqueryfuzz-sqlquery: Heap-use-after-free in binCollFunc
Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5174631483047936 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-sqlquery Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: Heap-use-after-free READ 1 Crash Address:...
DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices
DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing. Purpose This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and som...
osquery:osqueryfuzz-sqlquery: Heap-buffer-overflow in sqlite3VdbeMemSetStr
Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5657577178529792 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-sqlquery Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...
osquery:osqueryfuzz-config: Heap-buffer-overflow in bool rapidjson::GenericValue<rapidjson::UTF8<char>, rapidjson::MemoryPoolAllocat
Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5082304661946368 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: Heap-buffer-overflow READ 2 Crash Address:...
osquery:osqueryfuzz-config: Crash in bool rapidjson::GenericValue<rapidjson::UTF8<char>, rapidjson::MemoryPoolAllocat
Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5684053100986368 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x01807fff8001...
osquery:osqueryfuzz-config: Crash in rapidjson::internal::FastPath
Project: https://github.com/osquery/osquery.git Detailed Report: https://oss-fuzz.com/testcase?key=5751874325577728 Project: osquery Fuzzing Engine: libFuzzer Fuzz Target: osqueryfuzz-config Job Type: libfuzzerasanosquery Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x0001000c821b...
Congratulations to our Query of the Month Winner for June 2019!
Last month, we launched our Query of The Month competition, which recognizes the top community-shared query that provides value to other Osquery users. To determine the query of the month, our team selects the community-shared query that has the most engagement or helps solve an important problem...