CVE-2023-33141

Summary: CVE-2023-33141 is a Denial of Service vulnerability in Yet Another Reverse Proxy (YARP). The OSV entry confirms a DoS impact exists in YARP and provides remediation: upgrade to Yarp.ReverseProxy 2.0.1 (and Telemetry.Consumption 2.0.1) to mitigate. The CVE entry lists CVSSv3.1 base score ...

Debian: Security Advisory (DSA-5435-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

spring-boot: Spring Boot Welcome Page DoS Vulnerability

A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed...

Exploit for Improper Input Validation in Barracuda Email_Security_Gateway_300_Firmware

CVE-2023-2868: Barracuda ESG Command Injection For full...

Fedora: Security Advisory for iaito (FEDORA-2023-5d5aa8b27a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Yet Another Reverse Proxy (YARP) from Microsoft, which stems from insufficient input validation, allows attackers to induce a service failure.

The vulnerability of the Yet Another Reverse Proxy YARP Microsoft component is related to insufficient input validation. Exploiting this vulnerability could allow a malicious actor to cause service failures...

[SECURITY] Fedora 38 Update: iaito-5.8.6-1.fc38

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

[SECURITY] Fedora 38 Update: radare2-5.8.6-1.fc38

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

[SECURITY] Fedora 37 Update: radare2-5.8.6-1.fc37

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

[SECURITY] Fedora 37 Update: iaito-5.8.6-1.fc37

iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse...

TFTP Fetch, Reverse TCP Stager

Fetch and execute a x86 payload from a TFTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/x86/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid show options ...show an...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline (IPv6)

Fetch and execute a x86 payload from an HTTP server. Connect back to attacker and spawn a command shell over IPv6 Module Options msf use payload/cmd/linux/http/x86/shellreversetcpipv6 msf payloadshellreversetcpipv6 show actions ...actions... msf payloadshellreversetcpipv6 set ACTION msf...

HTTP Fetch, Reverse TCP Stager

Fetch and execute a x86 payload from an HTTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/http/x86/meterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid show options ...show a...

TFTP Fetch, Reverse TCP Stager (IPv6)

Fetch and execute a x86 payload from a TFTP server. Connect back to attacker over IPv6 Module Options msf use payload/cmd/linux/tftp/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...

HTTPS Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/https/x86/shell/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf...

HTTPS Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/https/x86/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show option...

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute a x86 payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/x86/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp show...

TFTP Fetch, Linux Command Shell, Reverse TCP Inline (IPv6)

Fetch and execute a x86 payload from a TFTP server. Connect back to attacker and spawn a command shell over IPv6 Module Options msf use payload/cmd/linux/tftp/x86/shellreversetcpipv6 msf payloadshellreversetcpipv6 show actions ...actions... msf payloadshellreversetcpipv6 set ACTION msf...

HTTPS Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Connect back to attacker over IPv6 Module Options msf use payload/cmd/linux/https/x86/meterpreter/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...

TFTP Fetch, Reverse TCP Stager

Fetch and execute a x86 payload from a TFTP server. Connect back to the attacker Module Options msf use payload/cmd/linux/tftp/x86/meterpreter/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show options ...show and set options...