βΌ CVE-2020-13945 βΌ
π Read
via "National Vulnerability Database".
In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects versions 1.2, 1.3, 1.4, 1.5.π Read
via "National Vulnerability Database".
π¦Ώ How to use an SSH config file on macOS for easier connections to your data center servers π¦Ώ
π Read
via "Tech Republic".
Jack Wallen shows you how to make SSH connections even easier from your macOS machine.π Read
via "Tech Republic".
TechRepublic
How to Use an SSH Config File on macOS for Easier Connections to Your Data Center Servers
Jack Wallen shows you how to make SSH connections even easier from your macOS machine.
β Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping β
π Read
via "Threat Post".
The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more.π Read
via "Threat Post".
Threat Post
Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping
The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more.
π¦Ώ Multi-factor authentication: 5 reasons not to use SMS π¦Ώ
π Read
via "Tech Republic".
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.π Read
via "Tech Republic".
TechRepublic
Top 5 reasons not to use SMS for multi-factor authentication
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.
π¦Ώ Top 5 reasons not to use SMS for multi-factor authentication π¦Ώ
π Read
via "Tech Republic".
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable. Tom Merritt lists five reasons why SMS should not be used for MFA.π Read
via "Tech Republic".
TechRepublic
Top 5 reasons not to use SMS for multi-factor authentication
Using SMS as an additional means to authenticate your password is better than nothing, but it's not the most reliable approach. Tom Merritt lists five reasons why SMS should not be used for MFA.
π΄ Trump Signs IoT Security Bill into Law π΄
π Read
via "Dark Reading".
The Internet of Things Cybersecurity Improvement Act of 2020 is now official.π Read
via "Dark Reading".
Dark Reading
Trump Signs IoT Security Bill into Law
The Internet of Things Cybersecurity Improvement Act of 2020 is now official.
β NSA Warns: Patched VMware Bug Under Active Exploit β
π Read
via "Threat Post".
Feds are warning that foreign adversaries are exploiting a weeks-old bug in VMwareβs Workspace One Access and VMware Identity Manager products.π Read
via "Threat Post".
Threat Post
NSA Warns: Patched VMware Bug Under Active Attack
Feds are warning that adversaries are exploiting a weeks-old bug in VMwareβs Workspace One Access and VMware Identity Manager products.
π΄ Phishing Campaign Targets 200M Microsoft 365 Accounts π΄
π Read
via "Dark Reading".
A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom.π Read
via "Dark Reading".
Darkreading
Phishing Campaign Targets 200M Microsoft 365 Accounts
A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom.
βΌ CVE-2020-8566 βΌ
π Read
via "National Vulnerability Database".
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8563 βΌ
π Read
via "National Vulnerability Database".
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27641 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-29136. Reason: This candidate is a reservation duplicate of CVE-2020-29136. Notes: All CVE users should reference CVE-2020-29136 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28935 βΌ
π Read
via "National Vulnerability Database".
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8565 βΌ
π Read
via "National Vulnerability Database".
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8564 βΌ
π Read
via "National Vulnerability Database".
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25692 βΌ
π Read
via "National Vulnerability Database".
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26253 βΌ
π Read
via "National Vulnerability Database".
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and Kirby Panel before version 2.5.14 there is a vulnerability in which the admin panel may be accessed if hosted on a .dev domain. In order to protect new installations on public servers that don't have an admin account for the Panel yet, we block account registration there by default. This is a security feature, which we implemented years ago in Kirby 2. It helps to avoid that you forget registering your first admin account on a public server. In this case Γ’β¬β without our security block Γ’β¬β someone else might theoretically be able to find your site, find out it's running on Kirby, find the Panel and then register the account first. It's an unlikely situation, but it's still a certain risk. To be able to register the first Panel account on a public server, you have to enforce the installer via a config setting. This helps to push all users to the best practice of registering your first Panel account on your local machine and upload it together with the rest of the site. This installation block implementation in Kirby versions before 3.3.6 still assumed that .dev domains are local domains, which is no longer true. In the meantime, those domains became publicly available. This means that our installation block is no longer working as expected if you use a .dev domain for your Kirby site. Additionally the local installation check may also fail if your site is behind a reverse proxy. You are only affected if you use a .dev domain or your site is behind a reverse proxy and you have not yet registered your first Panel account on the public server and someone finds your site and tries to login at `yourdomain.dev/panel` before you register your first account. You are not affected if you have already created one or multiple Panel accounts (no matter if on a .dev domain or behind a reverse proxy). The problem has been patched in Kirby 3.3.6. Please upgrade to this or a later version to fix the vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25630 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. This affects versions 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. Fixed in 3.9.2, 3.8.5, 3.7.8 and 3.5.14.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27818 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27822 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a possibility of a memory leak. This flaw allows an attacker to impact the availability of the server. The highest threat from this vulnerability is to system availability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25677 βΌ
π Read
via "National Vulnerability Database".
Ceph-ansible 4.0.34.1 creates /etc/ceph/iscsi-gateway.conf with insecure default permissions, allowing any user to read the sensitive information within.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25629 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain access to some site administration capabilities by "logging in as" a System manager. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. This is fixed in 3.9.2, 3.8.5, 3.7.8 and 3.5.14.π Read
via "National Vulnerability Database".