279 matches found
This Week in Spring - December 6th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you? You know what I've wanted to do? See my friends on the Spring team in person since the pandemic descended. And, I'm overjoyed to relate, I've just had the privilege of a nice meeting with several of them last night...
NimGetSyscallStub - Get Fresh Syscalls From A Fresh Ntdll.Dll Copy
Get fresh syscalls from a fresh ntdll.dll copy. This code can be used as an alternative to the already published awesome tools NimlineWhispers and NimlineWhispers2 by @ajpc500 or ParallelNimcalls. The advantage of grabbing syscalls dynamically is that the signature of the stubs is not included i...
Nim-RunPE - A Nim Implementation Of Reflective PE-Loading From Memory
A Nim implementation of reflective PE loading from memory. The base for this code was taken from RunPE-In-Memory, which I ported to Nim. You'll need to install the following dependencies: nimble install ptrmath winim. I did test this with Nim version 1.6.2 only, so use that version for testing or...
Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1514. Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability. August 16, 2022. CVE Number: CVE-2022-40732. SUMMARY: An access violation vulnerability exists in the DirectComposition functionality of the win32kbase.sys driver...
Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1515. Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability. August 16, 2022. CVE Number: CVE-2022-40733. SUMMARY: An access violation vulnerability exists in the DirectComposition functionality of the win32kbase.sys driver, version...
Fedora: Security Advisory for oci-seccomp-bpf-hook (FEDORA-2022-5038c3236c)
The remote host is missing an update for oci-seccomp-bpf-hook. (Greenbone NVT description. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are copyright by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.) ...
[SECURITY] Fedora 36 Update: oci-seccomp-bpf-hook-1.2.6-2.fc36
OCI hook to generate seccomp JSON files based on the eBPF-traced syscalls used by a container. oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes...
[SECURITY] Fedora 35 Update: oci-seccomp-bpf-hook-1.2.6-1.fc35
OCI hook to generate seccomp JSON files based on the eBPF-traced syscalls used by a container. oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes...
[SECURITY] Fedora 35 Update: oci-seccomp-bpf-hook-1.2.5-3.fc35
OCI hook to generate seccomp JSON files based on the eBPF-traced syscalls used by a container. oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes...
[SECURITY] Fedora 36 Update: oci-seccomp-bpf-hook-1.2.6-1.fc36
OCI hook to generate seccomp JSON files based on the eBPF-traced syscalls used by a container. oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes...
[SECURITY] Fedora 36 Update: oci-seccomp-bpf-hook-1.2.5-3.fc36
OCI hook to generate seccomp JSON files based on the eBPF-traced syscalls used by a container. oci-seccomp-bpf-hook provides a library for applications looking to use the Container Pod concept popularized by Kubernetes...
SUSE: Security Advisory (SUSE-SU-2022:2341-1)
The remote host is missing an update. (Greenbone NVT description. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are copyright by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.) ...
SUSE: Security Advisory (SUSE-SU-2022:2165-1)
The remote host is missing an update for containerd. (Greenbone NVT description. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are copyright by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.) ...
SUSE-SU-2022:2165-1 Security update for containerd
This update for containerd fixes the following issues. containerd: CVE-2022-31030: fixed denial of service via invocation of the ExecSync API (bsc#1200145). docker: update to Docker 20.10.17-ce; see the upstream changelog online at https://docs.docker.com/engine/release-notes/201017 (bsc#1200145). runc...
Nanodump - A Crappy LSASS Dumper With No ASCII Art
A flexible tool that creates a minidump of the LSASS process. 1. Features It uses syscalls with SysWhispers2 for most operations. Syscalls are called from an ntdll address to bypass some syscall detections. It sets the syscall callback hook to NULL. Windows APIs are called using dynamic invoke...
DDexec - A Technique To Run Binaries Filelessly And Stealthily On Linux Using Dd To Replace The Shell With Another Process
In Linux, in order to run a program it must exist as a file; it must be accessible in some way through the file system hierarchy (this is just how execve works). This file may reside on disk or in RAM (tmpfs, memfd), but you need a file path. This has made it very easy to control what is run on a Linux...
CVE-2022-0071
Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...
Design/Logic Flaw
Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked...
CVE-2022-0071
CVE-2022-0071 records an incomplete fix for CVE-2021-3101 in Hotdog prior to v1.0.2. The vulnerability arises because Hotdog did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. As a result, a container could exhaust host resources, modif...