[H-01] Ocean contract and onERC1155Received function is vulnerable to read only reentrancy

Lines of code Vulnerability details Impact The Ocean contract and onERC1155Received function is vulnerable to read only reentrancy when read from another contract. The order of function execution when called externally from the onERC1155Received function in the Ocean contract is as follows. The...

Issue with Decimal Conversion in Shell Protocol

Lines of code Vulnerability details Impact The identified issue within the convertDecimals function in the Shell Protocol could lead to a loss of value due to decimal truncation during token conversions. This situation is particularly critical in the context of Shell Protocol's operations, which...

Ocean.doMultipleInteractions() cannot wrap ether

Lines of code Vulnerability details Bug Description doMultipleInteractions in Ocean.sol attempts to wrap ether but reverts due to a logical error. The internal helper function, doMultipleInteractions, includes the following: if msg.value != 0 balanceDeltas.increaseBalanceDeltaWRAPPEDETHERID,...

Batch Execution Failure

Lines of code Vulnerability details Impact A failure in one interaction could potentially cause the entire batch to fail, affecting subsequent interactions. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates...

Custom Ether Address Representation in Shell Protocol's Constructor

Lines of code Vulnerability details Impact The hardcoded custom representation of Ether in the Shell Protocol's adapter for the Curve Tricrypto pool using address0x4574686572, deviates from standard Ethereum practices and introduces the risk of address collisions. This could potentially lead to...

The vulnerability of the Cargo package manager in the Rust programming language, which allows attackers to compromise the integrity of the protected information

The vulnerability of the Cargo package manager in the Rust programming language is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability allows a malicious actor to influence the integrity of the protected information via the SSH protocol...

The vulnerability of SSH clients and server-side networking frameworks like Twisted involves buffer copying without input data validation, allowing attackers to cause service failures.

The vulnerability of SSH clients and server-side networking frameworks like Twisted relates to the ability to accept an infinite number of data entries for the SSH version identifier. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

InsightVM Scanning: Demystifying SSH Credential Elevation

Written in collaboration with Jimmy Cancilla The credentials to log into the assets on the network are one of the most critical inputs that can be provided to a vulnerability assessment. In order to capture and report on the full risk of an asset, the scan engine must be able to access the asset ...

Common Cloud Misconfigurations Exploited in Minutes, Report

Poorly configured cloud services can be exploit by threat actors in minutes and sometimes in under 30 seconds. Attacks include network intrusion, data theft and ransomware infections, researchers have found. Researchers at Palo Alto Networks’ Unit 42 used a honeypot infrastructure of 320 nodes...

The vulnerability of the SSH protocol used by the code editor Visual Studio Code, related to improper code generation management, allows a hacker to execute arbitrary code.

The vulnerability of the SSH protocol used by the code editor Visual Studio Code is related to improper handling of code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2020-3929

GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages...

Evenroute IQrouter has an unspecified vulnerability (CNVD-2020-25367)

Evenroute IQrouter is a smart router from Evenroute USA. A security vulnerability exists in Evenroute IQrouter 3.3.1 and earlier versions, which stems from an empty password for the root account. The vulnerability can be exploited by an attacker to gain full remote access with the help of the...

Microsoft Windows: Shell protocol protected mode

This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applications can open folders and launch files. The protected mode reduces the functionality of this protocol allowing applications to only...

DEBIAN-CVE-2017-17459

httptransport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176,...

An ssh-agent for every domain: SSHecret

If you have an encrypted ssh key for each domain you access you should, and you keep your unlocked keys in a single ssh-agent you maybe shouldn’t, AND you’ve ever decided you need to forward your ssh-agent, then you should feel bad. If you forward an ssh-agent with all your unique keys for every...

Core FTP LE- 'SSH/SFTP' Remote Buffer Overflow Vulnerability

Core FTP LE is a free FTP client. Core FTP LE- 'SSH/SFTP' suffers from a remote buffer overflow vulnerability. When connecting to a malicious server using the SSH / SFTP protocol. Allows remote attackers to exploit the vulnerability to execute arbitrary code or launch a denial of service attack...

Novell NetWare OpenSSH Buffer Overflow

The Secure Shell SSH protocol is a well-established method of secure communication in a client and server architectural model. SSH is based on the idea of a public key exchange, where a server offers a client its public key. The client then uses this key to encrypt all communication between the t...

Multiple SSH Vulnerabilities - Cisco Systems

Four different Cisco product lines are susceptible to multiple vulnerabilities discovered in the Secure Shell SSH protocol version 1.5. These issues have been addressed, and fixes have been integrated into the Cisco products that support this protocol. By exploiting the weakness in the SSH...

CVE-2008-5161

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

CVE-2004-0648

Mozilla Suite before 1.7.1, Firefox before 0.9.2, and Thunderbird before 0.7.2 allow remote attackers to launch arbitrary programs via a URI referencing the shell: protocol...