Lucene search
K

107 matches found

The Hacker News
The Hacker News
added 2022/09/17 2:47 a.m.46 views

Hackers Had Access to LastPass's Development Systems for Four Days

Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. "There is no evidence of any threat actor activity beyond the established timeline," LastPass...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/08/26 10:0 a.m.10 views

Source code of password manager LastPass stolen by attacker

In a security incident notice from LastPass the company informed the public know that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account. There is no evidence that this incident involved any access to customer dat...

Exploits0
Code423n4
Code423n4
added 2022/07/17 12:0 a.m.14 views

Vaults are not locked properly

Lines of code Vulnerability details Impact Even though after Auction starts, Vault ownership moves to Witch but still Cauldron Admin can perform operations on this Vault. This includes transferring funds from a Vault which has live Auction ongoing Proof of Concept 1. Auction is started on Vault i...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/14 12:0 a.m.10 views

Setting a high feeRate can block exercise or cause negative flow of funds

Lines of code Vulnerability details Impact When an admin intentionally or unintentionally sets a feeRate greater than 1e18 100%, The exercise function can fail with arithmetic operation underflow at line 289 In the case, when beneficiary is connected to multiple vaults, the exercise function will...

6.8AI score
Exploits0
OSV
OSV
added 2022/05/13 1:21 a.m.12 views

GHSA-Q9QR-H33G-FW3J TeamPass Storing Passwords in a Recoverable Format vulnerability

TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role...

9.8CVSS9.7AI score0.01724EPSS
Exploits0References3
Code423n4
Code423n4
added 2022/01/30 12:0 a.m.10 views

ConvexYieldWrapper griefing attack is possible that removes all the vaults from any user

Handle hyh Vulnerability details Impact Griefing attack is possible, an attacker can can remove all vaultIds from an arbitrary account. I.e. anyone can mix up vault configuration for any user. Proof of Concept ConvexYieldWrapper.removeVault doesn't have access controls and allows anyone to manage...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/29 12:0 a.m.6 views

Lack of auth for vaults

Handle 0x1f8b Vulnerability details Impact Anyone can create vaults and remove vaults from anyone. Proof of Concept The contract ConvexYieldWrapper expose two methods: addVault show in his comment Adds a vault to the user's vault list but according to the code it not use the users vault, it use...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/13 12:0 a.m.9 views

Vaults don't work with fee-on transfer tokens

Handle cmichel Vulnerability details Certain ERC20 tokens make modifications to their ERC20's transfer or balanceOf functions. One type of these tokens is deflationary tokens that charge a certain fee for every transfer or transferFrom. Impact The Vault.addValueBatch functions will recive less...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.8 views

NFTXVaultFactoryUpgradeable implementation can be replaced in production breaking the system

Handle hyh Vulnerability details Impact NFTXVaultFactory contract holds information regarding vaults, assets and permissions vaults, vaultsForAsset and excludedFromFees mappings. As there is no mechanics present that transfers this information to another implementation, the switch of...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2021/10/28 11:30 a.m.37 views

DonPAPI - Dumping DPAPI Credz Remotely

Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key protecting TaskScheduled blob...

7.1AI score
Exploits0References7
Code423n4
Code423n4
added 2021/09/16 12:0 a.m.10 views

Use mutex lock on VaultHelper.sol

Handle tensors Vulnerability details Impact I strongly recommend adding a nonreentrant modifier on the functions within VaultHelper.sol The contract makes a bunch of unsafe external calls to the user submitted addresses vault and gauge. Also, add some checks to make sure vault and gauge are...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/09/15 12:0 a.m.9 views

manager.allowedVaults check missing for add/remove strategy

Handle 0xRajeev Vulnerability details Impact The manager.allowedVaults check is missing for add/remove strategy like how it is used in reorderStrategies. This will allow a strategist to accidentally/maliciously add/remove strategies on unauthorized vaults. Given the critical access control that i...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/09/15 12:0 a.m.11 views

An attacker can steal funds from multi-token vaults

Handle WatchPug Vulnerability details The total balance should NOT be simply added from different tokens' tokenAmounts, considering that the price of tokens may not be the same. function balanceOfThis public view returns uint256 balance address memory tokens = manager.getTokensaddressthis; for...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/09/11 12:0 a.m.16 views

No safety check in addToken

Handle jonah1005 Vulnerability details Impact There's no safety check in Manager.sol addToken. There are two possible cases that might happen. 1. One token being added twice in a Vault. Token would be counted doubly in the vault. Ref: Vault.solL293-L303. There would be two item in the array when...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/07/05 12:0 a.m.7 views

sortVaultsByDelta doesn't work as expected

Handle gpersoon Vulnerability details Impact The function sortVaultsByDelta doesn't always work as expected. Suppose all the delta's are positive, and delta1 = delta2 = delta3 0 Then maxIndex = 0 And delta minDelta ==0 is never true, so minIndex = 0 Then assuming bigFirst==true: vaultIndexes0 =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/06/01 12:0 a.m.7 views

Undercollateralized vaults' owner can be overwritten

Handle cmichel Vulnerability details The witch can Witch.grab vaults and the vaultOwnersvaultId field is set to the original owner. However, when the auction time is over and the debt has not been fully paid back, the original owner is not restored, and the witch can grab the same vault again,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/05/07 12:0 a.m.9 views

EIP-721 / EIP-1155 Re-Entrancy Vulnerability (Resubmission)

Handle 0xsomeone Vulnerability details This submission acts as additional material to the original submission. I would like to note that the "Areas of Review" chapter of the contest explicitly states that "Vaults should always maintain 1:1 ratio..." which the re-entrancy breaks. --- The text was...

7AI score
Exploits0
Kitploit
Kitploit
added 2021/04/01 8:30 p.m.384 views

SharpDPAPI - A C# Port Of Some Mimikatz DPAPI Functionality

SharpDPAPI is a C port of some DPAPI functionality from @gentilkiwi's Mimikatz project. I did not come up with this logic, it is simply a port from Mimikatz in order to better understand the process and operationalize it to fit our workflow. The SharpChrome subproject is an adaptation of work fro...

7.7AI score
Exploits0References23
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/12/06 8:59 a.m.185 views

Hacking Hardware Password Managers: The RecZone

TL:DR Hardware security can be difficult to fathom, so I set out to research three password vaults as a newbie, sharing my findings. I picked three popular hardware vaults, each with different components, requiring different skills and equipment. Here's how I learned about disassembly, chipset...

6.9AI score
Exploits0
Qualys Blog
Qualys Blog
added 2019/04/02 5:36 a.m.14 views

Qualys Cloud Platform (VM, PC) 8.18.1 New Features

The patch release of the Qualys Cloud Platform, version 8.18.1.0-1, includes new support for HashiCorp Vaults as well as for Virtual Scanner Appliance for OCI and OCI-Classic Platforms. Feature Highlights Support for HashiCorp Vaults – This release adds a new vault type that can be used to retrie...

0.6AI score
Exploits0
Rows per page
Query Builder