How to Change the Maximum Segment Size on a NetScaler Appliance

This article describes how to change the Maximum Segment Size MSS for all sourced packets from a NetScaler appliance. Requirements Command line access to the NetScaler appliance through the console or a Secure Shell SSH client General knowledge of the NetScaler Command Line Interface CLI and UNIX...

A proxyjacking campaign is looking for vulnerable SSH servers

A researcher at Akamai has posted a blog about a worrying new trend--proxyjacking--where criminals sell your bandwidth to a third-party proxy service. To understand how proxyjacking works, well need to explain a few things. There are several legitimate services that pay users to share their surpl...

Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is an active campaign in which the attacker leverages SSH for remote access, running malicious scripts that stealthily enlist victim servers into a peer-to-peer P2P...

Fedora 37 : suricata (2023-5230b1a68a)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-5230b1a68a advisory. This is a security release, additionally fixing a number of important bugs. Tenable has extracted the preceding description block directly from the Fedora...

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

Design/Logic Flaw

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

Design/Logic Flaw

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions...

PT-2023-14536 · Unknown · Weblib Ucopia

Name of the Vulnerable Software and Affected Versions: Weblib Ucopia versions prior to 6.0.13 Description: An issue was discovered in the SSH Server of Weblib Ucopia, where it has insecure permissions. Recommendations: For versions prior to 6.0.13, update to version 6.0.13 or later to resolve the...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

CVE-2023-37237

The CVE-2023-37237 issue affects Veritas NetBackup Appliance software prior to 4.1.0.1 MR3. Insecure permissions allow an authenticated Admin to bypass shell restrictions and execute arbitrary OS commands via SSH. Root cause: insecure permissions on the appliance environment. Impact: potential fu...

CVE-2022-44719

CVE-2022-44719 affects Weblib Ucopia prior to 6.0.13. The vulnerability is in the SSH Server which has insecure permissions, enabling potential unauthorized access and impacting confidentiality (per CVSS vector: HIGH). The issue is documented across multiple sources (e.g., NVD/Red Hat/PRION) with...

CVE-2023-37237

In Veritas NetBackup Appliance before 4.1.0.1 MR3, insecure permissions may allow an authenticated Admin to bypass shell restrictions and execute arbitrary operating system commands via SSH...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Attacks, Vulnerabilities and Actors 19 June to 25 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of twelve attacks executed, taking advantage of seventeen different vulnerabilities ...

Exploit for Path Traversal in Microsoft

CVE-2022-4510-Binwalk This script allows you to generate expl...

ALSA-2023:3839 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...