14858 matches found

OpenVAS
added 2023/11/06 12:0 a.m., 44 views

Tenable Nessus Detection Consolidation

Consolidation of Tenable Nessus detections. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include("plugin_feed_info.inc"); if(description)...

7.3 AI score
Exploits: 0, References: 2
Tenable Nessus
added 2023/11/06 12:0 a.m., 30 views

Rocky Linux 8 : container-tools:rhel8 (RLSA-2021:1796)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1796 advisory. - A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause ...

7.5 CVSS, 7.4 AI score, 0.03228 EPSS
Exploits: 1, References: 37
Kitploit
added 2023/11/05 11:30 a.m., 51 views

NetworkAssessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

The Network Compromise Assessment Tool is designed to analyze pcap files to detect potential suspicious network traffic. This tool focuses on spotting abnormal activities in the network traffic and searching for suspicious keywords. DNS Tunneling Detection : Identifies potential covert...

7.1 AI score
Exploits: 0, References: 4
Tenable Nessus
added 2023/11/04 12:0 a.m., 90 views

Nutanix AOS : (NXSA-AOS-6.7.0.6)

The version of AOS installed on the remote host is prior to 6.7.0.6. It is, therefore, affected by a vulnerability as referenced in the NXSA-AOS-6.7.0.6 advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

9.8 CVSS, 7.9 AI score, 0.76768 EPSS
Exploits: 13, References: 2
Citrix
added 2023/11/02 12:0 a.m., 7 views

How to Reset the XenServer Console

Under certain circumstances, the XenServer console in XenCenter will freeze. This article describes how to reset the console when the host is still responsive. Requirements Basic Linux knowledge Access to a XenServer host through an SSH client such as putty...

7 AI score
Exploits: 0
OpenVAS
added 2023/11/01 12:0 a.m., 39 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-3088)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS, 8.9 AI score, 0.76768 EPSS
Exploits: 10, References: 2
Tenable Nessus
added 2023/11/01 12:0 a.m., 17 views

Puppet Enterprise < 2019.8.8 / 2021.3.0 Information Disclosure Vulnerability

A flaw was discovered in bolt-server and ace where running a task with sensitive parameters results in those sensitive parameters being logged when they should not be. This issue only affects SSH/WinRM nodes inventory service nodes. Note that Nessus has not tested for this issue but has instead...

4.9 CVSS, 5.3 AI score, 0.0088 EPSS
Exploits: 0, References: 2
NVD
added 2023/10/31 12:15 p.m., 9 views

CVE-2023-38994

The 'check_univention_joinstatus' prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuratio...

7.9 CVSS, 8 AI score, 0.00348 EPSS
Exploits: 1, References: 4
Prion
added 2023/10/31 12:15 p.m., 35 views

Default configuration

The 'check_univention_joinstatus' prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuratio...

4.3 CVSS, 7.8 AI score, 0.00348 EPSS
Exploits: 1, References: 3, Affected Software: 1
CVE
added 2023/10/31 12:0 a.m., 58 views

CVE-2023-38994

CVE-2023-38994 affects Univention Corporate Server (UCS) 5.0-5. The issue stems from the check_univention_joinstatus Prometheus script (and similar scripts), which exposes the LDAP password of the machine account in the process list. This enables attackers with local SSH access to elevate privile...

7.9 CVSS, 7.8 AI score, 0.00348 EPSS
Exploits: 1, References: 4, Affected Software: 1
OpenVAS
added 2023/10/31 12:0 a.m., 24 views

Ubuntu: Security Advisory (USN-6459-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

6.5 CVSS, 6.2 AI score, 0.01782 EPSS
Exploits: 0, References: 4
OpenVAS
added 2023/10/31 12:0 a.m., 11 views

Fedora: Security Advisory for kitty (FEDORA-2023-ab43e2ce21)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.5 AI score
Exploits: 0, References: 2
BDU FSTEC
added 2023/10/28 12:0 a.m., 4 views

The vulnerability of the SSH daemon on the RouterOS operating system, specifically the hAP lite router, allows a hacker to cause a service failure.

The vulnerability of the SSH daemon in the RouterOS operating system, specifically the hAP lite router, is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

7.8 CVSS, 7.1 AI score, 0.01341 EPSS
Exploits: 1, References: 4, Affected Software: 1
NVD
added 2023/10/27 9:15 p.m., 13 views

CVE-2023-35794

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint spawned console can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console...

8.8 CVSS, 8.7 AI score, 0.00942 EPSS
Exploits: 1, References: 3
Prion
added 2023/10/27 9:15 p.m., 19 views

Design/Logic Flaw

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint spawned console can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console...

6.5 CVSS, 8.6 AI score, 0.00942 EPSS
Exploits: 1, References: 3, Affected Software: 1
Rapid7 Blog
added 2023/10/27 6:46 p.m., 46 views

Metasploit Weekly Wrap-Up

New module content 4 Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control Authors: Emir Polat and Unknown Type: Auxiliary Pull request: 18447 contributed by emirpolatt Path: admin/http/atlassianconfluenceauthbypass AttackerKB reference: CVE-2023-22515...

7.5 CVSS, 9.5 AI score, 0.99156 EPSS
Exploits: 46
CVE
added 2023/10/27 12:0 a.m., 61 views

CVE-2023-35794

CVE-2023-35794 affects Cassia Access Controller 2.1.1.2303271039. The issue is unprotected access to the Web SSH terminal endpoint (spawned console) due to lack of session cookie validation; only Basic Authentication to the SSH console is used. This allows unauthenticated access to the console, e...

8.8 CVSS, 8.6 AI score, 0.00942 EPSS
Exploits: 1, References: 3, Affected Software: 1
Cvelist
added 2023/10/27 12:0 a.m., 18 views

CVE-2023-35794

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint spawned console can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console...

8.9 AI score, 0.00942 EPSS
Exploits: 1, References: 3
Positive Technologies
added 2023/10/27 12:0 a.m., 4 views

PT-2023-9825

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.13.1 Description Gogs, an open-source self-hosted Git service, has an issue that allows a malicious user to write a file to an arbitrary path on the server, potentially gaining SSH access. The vulnerability resides in...

9.9 CVSS, 8.2 AI score, 0.75197 EPSS
Exploits: 5, References: 50
Securelist
added 2023/10/26 4:0 a.m., 48 views

StripedFly: Perennially flying under the radar

Introduction It's just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. It comes equipped with a built-in TOR network tunnel for communication with command servers,...

7.5 AI score
Exploits: 0