Jenkins plugins Multiple Vulnerabilities (2022-05-17)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenki...
[R1] Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities
Arnie Cabral, Wed, 06/15/2022 - 12:36. Custom audit files bring tremendous power and flexibility when assessing the configuration of your assets. Two separate vulnerabilities that utilize this custom Audit functionality were identified,...
Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers
A new Golang-based peer-to-peer (P2P) botnet has been spotted actively targeting Linux servers in the education sector since its emergence in March 2022. Dubbed Panchan by Akamai Security Research, the malware "utilizes its built-in concurrency features to maximize spreadability and execute malware...
SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:2070-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2070-1 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server...
Archiving Job Fails With: "Failed to provision a proxy appliance : Unable to connect by SSH to Appliance."
Challenge: An Archiving Job for a Scale-Out Backup Repository fails with the error: Failed to provision a proxy appliance: Unable to connect by SSH to Appliance. Log Example: dd.mm.yyyy hh:mm:ss Warning Failed to provision a proxy appliance: Unable to connect by SSH to appliance. dd.mm.yyyy...
Improper access control
Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings, in which it is set to accept SSH connections from the WAN side, and is also connect...
CVE-2022-28704
Improper access control vulnerability in Rakuten Casa version APFV141 or APFV200 allows a remote attacker to log in with the root privilege and perform an arbitrary operation if the product is in its default settings, in which it is set to accept SSH connections from the WAN side, and is also connect...
PT-2022-19180 · Rakuten · Rakuten Casa
Name of the Vulnerable Software and Affected Versions: Rakuten Casa versions APFV141 through APFV200 Description: The issue is related to improper access control, allowing a remote attacker to log in with root privilege and perform arbitrary operations if the product is in its default...
Amazon Linux AMI : python-twisted-conch (ALAS-2022-1592)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1592 advisory. An uncontrolled resource consumption flaw was found in python-twisted in the dataReceived function. This flaw allows an unauthenticated, remote attacker to send a simple command to use all available memory...
BlackBasta is the latest ransomware to target ESXi virtual machines on Linux
BlackBasta, an alleged subdivision of the ransomware group Conti, just began supporting the encryption of VMware ESXi virtual machines (VMs) installed on enterprise Linux servers. Because more and more organizations have begun using VMs for cost-effectiveness and easier management of devices, this...
OS Command Injection in file editor in Gogs
Impact The malicious user is able to update a crafted config file into the repository's .git directory in combination with crafted file deletion to gain SSH access to the server. All installations with repository upload enabled (the default) are affected. Patches File deletions are prohibited to repository...
GHSA-67MX-JC2F-JGJM OS Command Injection in file editor in Gogs
Impact The malicious user is able to update a crafted config file into the repository's .git directory in combination with crafted file deletion to gain SSH access to the server. All installations with repository upload enabled (the default) are affected. Patches File deletions are prohibited to repository...
PT-2022-14238 · Gogs · Gogs
Name of the Vulnerable Software and Affected Versions: gogs/gogs versions prior to 0.12.9 Description: The issue allows a malicious user to update a crafted config file into the repository's .git directory, combined with crafted file deletion, to gain SSH access to the server. This affects all...
CVE-2022-29620
FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump. NOTE: the vendor does not consider this a vulnerability...
Design/Logic Flaw
DISPUTED: FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump. NOTE: the vendor does not consider this a vulnerability...
CVE-2022-29620
FileZilla v3.59.0 is affected by a memory-dump exposure where an attacker can obtain cleartext passwords of connected SSH/FTP servers. This is consistently described across Red Hat, Ubuntu, NVD, CVE records, and CNNVD, all noting the vendor does not consider it a vulnerability or a lack of a publ...
Moderate: Red Hat Security Advisory: RHV Appliance (rhvm-appliance) security update [ovirt-4.5.0]
Updated RHV-M Appliance packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
Puwr - SSH Pivoting Script For Expanding Attack Surfaces On Local Networks
Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running an SSH service, Puwr uses a given subnet range to scope out IPs, sending back any successful ping requests it has. This can be used to expand out an attack surface on a local network, ...
OS Command Injection
github.com/gogs/gogs is vulnerable to OS command injection. The vulnerability exists only on Windows when repository upload is enabled, allowing an attacker to upload a maliciously crafted config file to the UpdateRepoFile function of repoeditor.go and gain SSH access to the server...