Forwarded from DailyCVE
🔵Openssh vulnerability Allow overriding TERM with SetEnv directives in ssh_config:
(DC: 243-2021)
https://dailycve.com/openssh-vulnerability-allow-overriding-term-setenv-directives-sshconfig
(DC: 243-2021)
https://dailycve.com/openssh-vulnerability-allow-overriding-term-setenv-directives-sshconfig
Dailycve
Openssh vulnerability Allow overriding TERM with SetEnv directives in ssh_config | CVE
Details:
OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ssh and server sshd, file transfer utilities scp and sftp as well as tools for key generation…
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
🔵Unpatched Arbitrary file download vulnerability exists in v2 video conference system:
https://dailycve.com/unpatched-arbitrary-file-download-vulnerability-exists-v2-video-conference-system
https://dailycve.com/unpatched-arbitrary-file-download-vulnerability-exists-v2-video-conference-system
Dailycve
Unpatched Arbitrary file download vulnerability exists in v2 video conference system | CVE
Details:
Beijing Weisu Technology Co., Ltd. (V2 for short) is a high-tech corporation that focuses on technology for Internet audio and video communication. Under its canopy, the v2 video conferencing scheme is a video conference device.
In the v2 video…
Forwarded from DailyCVE
🔵New Bug in OpenVpn could leak your ip adress |(DC: 245-2021)
https://dailycve.com/new-bug-openvpn-could-leak-your-ip-adress
https://dailycve.com/new-bug-openvpn-could-leak-your-ip-adress
Dailycve
New Bug in OpenVpn could leak your ip adress | CVE
Details:
OpenVPN provides flexible VPN solutions to secure your data communications, whether it's for Internet privacy, remote access for employees, securing IoT, or for networking Cloud data centers. Our VPN Server software solution can be deployed…
Forwarded from UNDERCODE NEWS
For the first time, Apple’s recent quarterly revenues are forecast to reach $100 billion.
#Analytiques
#Analytiques
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑🔍 How to Install GVM Vulnerability Scanner on Ubuntu 20.04 ?
Install the following dependency packages first.
sudo su -
apt update && \
apt -y dist-upgrade && \
apt -y autoremove && \
apt install -y software-properties-common && \
apt install -y build-essential cmake pkg-config libglib2.0-dev libgpgme-dev libgnutls28-dev uuid-dev libssh-gcrypt-dev libldap2-dev doxygen graphviz libradcli-dev libhiredis-dev libpcap-dev bison libksba-dev libsnmp- dev gcc-mingw-w64 heimdal-dev libpopt-dev xmltoman redis-server xsltproc libical-dev postgresql postgresql-contrib postgresql-server-dev-all gnutls-bin nmap rpm nsis curl wget fakeroot gnupg sshpass socat snmpm smbclihtt gnupg sshpass socat snmpm smbclih dev python3-polib gettext rsync xml-twig-tools python3-paramiko python3-lxml python3-defusedxml python3-pip python3-psutil python3-impacket virtualenv vim git && \
apt install -y texlive-latex-extra --no-install-recommends && \
apt install -y texlive-fonts-recommended && \
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
apt update && \
apt -y install yarn && \
yarn install && \
yarn upgrade
Create a GVM user
Paste the following commands into a terminal to create a gvm user that will be used during installation and compilation:
echo 'export PATH = "$ PATH: / opt / gvm / bin: / opt / gvm / sbin: /opt/gvm/.local/bin"' | tee -a /etc/profile.d/gvm.sh && \
chmod 0755 /etc/profile.d/gvm.sh && \
source /etc/profile.d/gvm.sh && \
bash -c 'cat </etc/ld.so.conf.d/gvm.conf
# gmv libs location
/ opt / gvm / lib
EOF '
mkdir / opt / gvm && \
adduser gvm --disabled-password --home / opt / gvm / --no-create-home --gecos '' && \
usermod -aG redis gvm && \
chown gvm: gvm / opt / gvm /
Now login as user gvm.
sudo su - gvm
Download and install the software (GVM)
mkdir src && \
cd src && \
export PKG_CONFIG_PATH = / opt / gvm / lib / pkgconfig: $ PKG_CONFIG_PATH
git clone -b gvm-libs-20.08 --single-branch https://github.com/greenbone/gvm-libs.git && \
git clone -b openvas-20.08 --single-branch https://github.com/greenbone/openvas.git && \
git clone -b gvmd-20.08 --single-branch https://github.com/greenbone/gvmd.git && \
git clone -b master --single-branch https://github.com/greenbone/openvas-smb.git && \
git clone -b gsa-20.08 --single-branch https://github.com/greenbone/gsa.git && \
git clone -b ospd-openvas-20.08 --single-branch https://github.com/greenbone/ospd-openvas.git && \
git clone -b ospd-20.08 --single-branch https://github.com/greenbone/ospd.git
Install gvm-libs (GVM)
In this step, we will compile gvm-lib from github:
cd gvm-libs && \
export PKG_CONFIG_PATH = / opt / gvm / lib / pkgconfig: $ PKG_CONFIG_PATH && \
mkdir build && \
cd build && \
cmake -DCMAKE_INSTALL_PREFIX = / opt / gvm .. && \
make && \
make doc && \
make install && \
cd / opt / gvm / src
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑🔍 How to Install GVM Vulnerability Scanner on Ubuntu 20.04 ?
Install the following dependency packages first.
sudo su -
apt update && \
apt -y dist-upgrade && \
apt -y autoremove && \
apt install -y software-properties-common && \
apt install -y build-essential cmake pkg-config libglib2.0-dev libgpgme-dev libgnutls28-dev uuid-dev libssh-gcrypt-dev libldap2-dev doxygen graphviz libradcli-dev libhiredis-dev libpcap-dev bison libksba-dev libsnmp- dev gcc-mingw-w64 heimdal-dev libpopt-dev xmltoman redis-server xsltproc libical-dev postgresql postgresql-contrib postgresql-server-dev-all gnutls-bin nmap rpm nsis curl wget fakeroot gnupg sshpass socat snmpm smbclihtt gnupg sshpass socat snmpm smbclih dev python3-polib gettext rsync xml-twig-tools python3-paramiko python3-lxml python3-defusedxml python3-pip python3-psutil python3-impacket virtualenv vim git && \
apt install -y texlive-latex-extra --no-install-recommends && \
apt install -y texlive-fonts-recommended && \
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
apt update && \
apt -y install yarn && \
yarn install && \
yarn upgrade
Create a GVM user
Paste the following commands into a terminal to create a gvm user that will be used during installation and compilation:
echo 'export PATH = "$ PATH: / opt / gvm / bin: / opt / gvm / sbin: /opt/gvm/.local/bin"' | tee -a /etc/profile.d/gvm.sh && \
chmod 0755 /etc/profile.d/gvm.sh && \
source /etc/profile.d/gvm.sh && \
bash -c 'cat </etc/ld.so.conf.d/gvm.conf
# gmv libs location
/ opt / gvm / lib
EOF '
mkdir / opt / gvm && \
adduser gvm --disabled-password --home / opt / gvm / --no-create-home --gecos '' && \
usermod -aG redis gvm && \
chown gvm: gvm / opt / gvm /
Now login as user gvm.
sudo su - gvm
Download and install the software (GVM)
mkdir src && \
cd src && \
export PKG_CONFIG_PATH = / opt / gvm / lib / pkgconfig: $ PKG_CONFIG_PATH
git clone -b gvm-libs-20.08 --single-branch https://github.com/greenbone/gvm-libs.git && \
git clone -b openvas-20.08 --single-branch https://github.com/greenbone/openvas.git && \
git clone -b gvmd-20.08 --single-branch https://github.com/greenbone/gvmd.git && \
git clone -b master --single-branch https://github.com/greenbone/openvas-smb.git && \
git clone -b gsa-20.08 --single-branch https://github.com/greenbone/gsa.git && \
git clone -b ospd-openvas-20.08 --single-branch https://github.com/greenbone/ospd-openvas.git && \
git clone -b ospd-20.08 --single-branch https://github.com/greenbone/ospd.git
Install gvm-libs (GVM)
In this step, we will compile gvm-lib from github:
cd gvm-libs && \
export PKG_CONFIG_PATH = / opt / gvm / lib / pkgconfig: $ PKG_CONFIG_PATH && \
mkdir build && \
cd build && \
cmake -DCMAKE_INSTALL_PREFIX = / opt / gvm .. && \
make && \
make doc && \
make install && \
cd / opt / gvm / src
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Yarn
Fast, reliable, and secure dependency management.
Forwarded from DailyCVE
🔵Hyweb HyCMS-J SQL injection vulnerability:
(DC: 246-2021)
https://dailycve.com/hyweb-hycms-j-sql-injection-vulnerability
(DC: 246-2021)
https://dailycve.com/hyweb-hycms-j-sql-injection-vulnerability
Forwarded from DailyCVE
🔵Cross-site scripting vulnerabilities in Aterm products:
(DC: 247-2021)
https://dailycve.com/cross-site-scripting-vulnerabilities-aterm-products
(DC: 247-2021)
https://dailycve.com/cross-site-scripting-vulnerabilities-aterm-products
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from DailyCVE
🔵mutt: Denial of service - Remote with user interaction:
(DC: 248-2021)
https://dailycve.com/mutt-denial-service-remote-user-interaction
(DC: 248-2021)
https://dailycve.com/mutt-denial-service-remote-user-interaction
Forwarded from DailyCVE
🔵hawk2: Execute arbitrary code/commands - Remote/unauthenticated (DC: 249-2021)
https://dailycve.com/hawk2-execute-arbitrary-codecommands-remoteunauthenticated
https://dailycve.com/hawk2-execute-arbitrary-codecommands-remoteunauthenticated
Forwarded from UNDERCODE NEWS
