π¦Ώ Penetration Testing and Scanning Policy π¦Ώ
π Read
via "Tech Republic".
System or network vulnerabilities and security threats can severely impact business operations or even shutter its doors. However, these incidents can be prevented by proactively detecting potential threat opportunities. The purpose of this policy from TechRepublic Premium is to provide guidelines for appropriate penetration testing and scanning of computer systems and networks. It includes preparation, ...π Read
via "Tech Republic".
TechRepublic
Penetration Testing and Scanning Policy
System or network vulnerabilities and security threats can severely impact business operations or even shutter its doors. However, these incidents can be
βΌ CVE-2023-43624 βΌ
π Read
via "National Vulnerability Database".
CX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper restriction of XML external entity reference (XXE) vulnerability. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Designer is installed may be disclosed.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31122 βΌ
π Read
via "National Vulnerability Database".
Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43622 βΌ
π Read
via "National Vulnerability Database".
An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern.This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.Users are recommended to upgrade to version 2.4.58, which fixes the issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45802 βΌ
π Read
via "National Vulnerability Database".
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that.This was found by the reporter during testing ofΓ CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out.Users are recommended to upgrade to version 2.4.58, which fixes the issue.π Read
via "National Vulnerability Database".
βοΈ NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison βοΈ
π Read
via "Krebs on Security".
A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 story here about the emergence of "violence-as-a-service" offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, "bricking" windows, slashing tires, or performing a drive-by shooting at someone's residence.π Read
via "Krebs on Security".
Krebs on Security
NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison
A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 storyβ¦
π΄ Telling Small Businesses to Buy Cyber Insurance Isn't Enough π΄
π Read
via "Dark Reading".
To protect themselves from threats, companies also need proactive cybersecurity.π Read
via "Dark Reading".
Dark Reading
Telling Small Businesses to Buy Cyber Insurance Isn't Enough
To protect themselves from threats, companies also need proactive cybersecurity.
βΌ CVE-2023-5246 βΌ
π Read
via "National Vulnerability Database".
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availabilty, integrity and confidentaility of the gateways via an authentication bypass by capture-replay.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43065 βΌ
π Read
via "National Vulnerability Database".
Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to obtain escalated privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26737 βΌ
π Read
via "National Vulnerability Database".
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A local adversary without sufficient privileges may be able to shutdown the Zscaler tunnel by exploiting a race condition.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28796 βΌ
π Read
via "National Vulnerability Database".
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28804 βΌ
π Read
via "National Vulnerability Database".
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105π Read
via "National Vulnerability Database".
βΌ CVE-2023-43074 βΌ
π Read
via "National Vulnerability Database".
Dell Unity 5.3 contain(s) an Arbitrary File Creation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by crafting arbitrary files through a request to the server.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26738 βΌ
π Read
via "National Vulnerability Database".
Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. A local adversary may be able to execute code with root privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28797 βΌ
π Read
via "National Vulnerability Database".
Zscaler Client Connector for Windows before 4.1 writes/deletes a configuration file inside specific folders on the disk. A malicious user can replace the folder and execute code as a privileged user.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26734 βΌ
π Read
via "National Vulnerability Database".
Zscaler Client Connector Installer on Windows before version 3.4.0.124 improperly handled directory junctions during uninstallation. A local adversary may be able to delete folders in an elevated context.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28805 βΌ
π Read
via "National Vulnerability Database".
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105π Read
via "National Vulnerability Database".
βΌ CVE-2023-42295 βΌ
π Read
via "National Vulnerability Database".
An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_rle_image function of file bifs/unquantize.cπ Read
via "National Vulnerability Database".
βΌ CVE-2023-46127 βΌ
π Read
via "National Vulnerability Database".
Frappe is a full-stack web application framework that uses Python and MariaDB on the server side and an integrated client side library. A malicious Frappe user with desk access could create documents containing HTML payloads allowing HTML Injection. This vulnerability has been patched in version 14.49.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28803 βΌ
π Read
via "National Vulnerability Database".
An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: before 3.9.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28793 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6.π Read
via "National Vulnerability Database".