Analysing the Attack Surface of an Industrial Data Acquisition Device

Introduction The Data Station Plus from Red Lion Controls was handed to me to analyse the attack surface. The device is designed to connect to SCADA data acquisition devices over Modbus, Profibus, etc. by Serial or Ethernet connection. Data is collected and recorded to a local compact flash card...

keycloak: keycloak uses hardcoded open dummy domain for new accounts enabling information disclosure

A flaw was found in Keycloak. The use of an open hard-coded domain can allow an unauthorized login by setting up a mail server and resetting the user credentials, enabling information disclosure...

Veeam Backup for AWS Recovery/Migration Procedure

Purpose This article documents how to recover or migrate Veeam Backup for AWS data to a new instance. Solution Recommended Method Starting with Veeam Backup for AWS 5.0, Configuration Backup and Restore is available and is now the simplest way to restore/migrate. Performing Configuration Backup...

CVE-2019-6665

CVE-2019-6665 affects BIG-IP ASM (15.0.0–15.0.1, 14.1.0–14.1.2, 14.0.0–14.0.1, 13.1.0–13.1.3.1), BIG-IQ 5.2.0–5.4.0 and 6.x, Enterprise Manager 3.1.1, and F5 iWorkflow 2.3.0. An attacker able to access the device communications between the BIG-IP ASM Central Policy Builder and BIG-IQ/Enterprise M...

Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare

Flan Scan is a lightweight network vulnerability scanner. With Flan Scan you can easily find open ports on your network, identify services and their version, and get a list of relevant CVEs affecting your network. Flan Scan is a wrapper over Nmap and the vulners script which turns Nmap into a...

RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without Having To Clone The Individual Reternal Components

RE:TERNAL is a centralised purple team simulation platform. Reternal uses agents installed on a simulation network to execute various known red-teaming techniques in order to test blue-teaming capabilities. The simulations are mapped to the MITRE ATT&CK framework. This repo contains the compose...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the D-Link DSL-6740U gateway Rev. H1 allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to 1 Custom Services in Port Forwarding, 2...

CVE-2013-6811

Multiple cross-site request forgery CSRF vulnerabilities in the D-Link DSL-6740U gateway Rev. H1 allow remote attackers to hijack the authentication of administrators for requests that change administrator credentials or enable remote management services to 1 Custom Services in Port Forwarding, 2...

Linux kernel resource management error vulnerability (CNVD-2019-41706)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the 'i40esetupmacvlans' function in the drivers/net/ethernet/intel/i40e/i40emain.c file in Linux kernel 5.3.11 and...

DEBIAN-CVE-2019-19043

A memory leak in the i40esetupmacvlans function in drivers/net/ethernet/intel/i40e/i40emain.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering i40esetupchannel failures, aka CID-27d461333459...

CVE-2019-19043

A memory leak in the i40esetupmacvlans function in drivers/net/ethernet/intel/i40e/i40emain.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering i40esetupchannel failures, aka CID-27d461333459...

UBUNTU-CVE-2019-19043

A memory leak in the i40esetupmacvlans function in drivers/net/ethernet/intel/i40e/i40emain.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering i40esetupchannel failures, aka CID-27d461333459...

SUSE-SU-2019:2982-1 Security update for enigmail

This update for enigmail fixes the following issues: - SeaMonkey is no longer supported. Update description and no longer put in SeaMonkey addons path bsc1151317 enigmail was updated 2.1.2: compatibility with Mozilla Thunderbird 68 New simplified setup wizard Full support for keys.openpgp.org...

Asset Discover - Burp Suite Extension To Discover Assets From HTTP Response

Burp Suite extension to discover assets from HTTP response using passive scanning. Refer our blog Asset Discovery using Burp Suite for more details. The extension is now part of the BApp store and can be installed directly from the Burp Suite...

RHEL 8 : evolution (RHSA-2019:3699)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3699 advisory. Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. Security Fixes:...

rt-setup bug fix and enhancement update

An update is available for rt-setup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.1...

Unspecified Vulnerability in Apple iOS and iPadOS Setup Assistant Component

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Setup Assistant is one of the Setup Assistant components. A security vulnerability in the Setup Assistant component in Appl...

CVE-2019-12612

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API. In order to exploit this vulnerability, an attacker needs presence in Bitdefender BOX setup network and Bitdefender BOX be in setup...

CVE-2019-12612

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API. In order to exploit this vulnerability, an attacker needs presence in Bitdefender BOX setup network and Bitdefender BOX be in setup...

Design/Logic Flaw

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API. In order to exploit this vulnerability, an attacker needs presence in Bitdefender BOX setup network and Bitdefender BOX be in setup...