New Diicot Threat Group Targets SSH Servers with Brute-Force Malware

By Waqas Diicot, previously known as Mexals, is a relatively new threat group that possesses extensive technical knowledge and has a broad range of objectives. This is a post from HackRead.com Read the original post: New Diicot Threat Group Targets SSH Servers with Brute-Force Malware...

CVE-2023-28175

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

CVE-2023-28175

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

Authorization

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

CVE-2023-28175

Improper Authorization in SSH server in Bosch VMS 11.0, 11.1.0, and 11.1.1 allows a remote authenticated user to access resources within the trusted internal network via a port forwarding request...

CVE-2023-28175

CVE-2023-28175 concerns Bosch VMS, where the SSH server permits a remote authenticated user to access resources on the trusted internal network via a port forwarding request due to improper authorization. Affected products are Bosch VMS versions 11.0, 11.1.0, and 11.1.1. The CVE entry is corrobor...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2188)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for tigervnc (EulerOS-SA-2023-2176)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : tigervnc (EulerOS-SA-2023-2176)

According to the versions of the tigervnc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory,...

EulerOS 2.0 SP8 : curl (EulerOS-SA-2023-2188)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously...

Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2023-193)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-193 advisory. The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and telnet options for the...

Amazon Linux 2 : curl (ALAS-2023-2070)

The version of curl installed on the remote host is prior to 8.0.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2070 advisory. The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of thi...

golang: crash in a golang.org/x/crypto/ssh server

A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability...

CloudPanel 2.2.2 Privilege Escalation / Path Traversal Exploit

CloudPanel versions 2.0.0 through 2.2.2 suffer from a privilege escalation vulnerability when a traversal is leveraged against clpctlWrapper for which all normal users have sudo access. Title : Privilege Escalation through path traversal CVE ID : CVE-2023-33747 Exploit Author : EagleEye Github :...

Medium: curl

Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...

Medium: libssh2

Issue Overview: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. CVE-2019-3859 An out of...

Information Disclosure

libcurl.so is vulnerable to Information Disclosure. The SSH server's public key is verified with the use of a SHA 256 hash functionality provided by the library, however if the check is unsuccessful, the fingerprint's memory will be released before an error message is returned. This issue puts...

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet Storm Center ISC, which detected a spike in HTTP requests for "/nifi" o...

Slackware: Security Advisory (SSA:2023-150-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-45853

The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version V2.70AAHH.3 and the GS1900-8HP firmware version V2.70AAHI.3 could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH...