Aggregator
SANS Threat Analysis Rundown with Katie Nickels | November 2024
1 year 3 months ago
SANS Digital Forensics and Incident Response
nysm: A stealth post-exploitation container
1 year 3 months ago
With the rise in popularity of offensive tools based on eBPF, going from credential stealers to rootkits hiding their own PID, a question came to our mind: Would it...
The post nysm: A stealth post-exploitation container appeared first on Penetration Testing Tools.
ddos
CVE-2023-46589 | Apache Tomcat up to 8.5.95/9.0.82/10.1.15/11.0.0-M10 HTTP Trailer Header request smuggling (Nessus ID 214478)
1 year 3 months ago
A vulnerability was found in Apache Tomcat up to 8.5.95/9.0.82/10.1.15/11.0.0-M10 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Trailer Header Handler. The manipulation leads to http request smuggling.
This vulnerability is handled as CVE-2023-46589. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-51766 | Exim up to 4.97 E-Mail Message protection mechanism (Nessus ID 214479)
1 year 3 months ago
A vulnerability was found in Exim up to 4.97 and classified as problematic. This issue affects some unknown processing of the component E-Mail Message Handler. The manipulation leads to protection mechanism failure.
The identification of this vulnerability is CVE-2023-51766. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2023-7101 | Douglas Wilson Spreadsheet::ParseExcel 0.65 eval neutralization of directives (Nessus ID 214483)
1 year 3 months ago
A vulnerability, which was classified as critical, has been found in Douglas Wilson Spreadsheet::ParseExcel 0.65. This issue affects the function eval. The manipulation leads to improper neutralization of directives in dynamically evaluated code ('eval injection').
The identification of this vulnerability is CVE-2023-7101. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2021-20178 | Red Hat Ansible bitbucket_pipeline_variable Module log file (Nessus ID 214484)
1 year 3 months ago
A vulnerability was found in Red Hat Ansible. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component bitbucket_pipeline_variable Module. The manipulation leads to sensitive information in log files.
This vulnerability is known as CVE-2021-20178. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2021-20191 | Red Hat Ansible up to 2.9.17 Console Log log file (Nessus ID 214484)
1 year 3 months ago
A vulnerability classified as problematic has been found in Red Hat Ansible up to 2.9.17. This affects an unknown part of the component Console Log. The manipulation leads to sensitive information in log files.
This vulnerability is uniquely identified as CVE-2021-20191. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2022-3697 | Ansible Collections amazon.aws ec2_instance tower_callback parameters (Nessus ID 214484)
1 year 3 months ago
A vulnerability, which was classified as problematic, was found in Ansible Collections amazon.aws. Affected is an unknown function of the component ec2_instance. The manipulation of the argument tower_callback leads to improper handling of parameters.
This vulnerability is traded as CVE-2022-3697. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2023-5115 | Red Hat Ansible ansible-galaxy path traversal (Nessus ID 214484)
1 year 3 months ago
A vulnerability was found in Red Hat Ansible. It has been classified as problematic. Affected is an unknown function of the component ansible-galaxy. The manipulation leads to path traversal.
This vulnerability is traded as CVE-2023-5115. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com
CVE-2021-3447 | Red Hat Ansible Tower up to 3.8.1 Modules log file (Nessus ID 214484)
1 year 3 months ago
A vulnerability, which was classified as problematic, has been found in Red Hat Ansible Tower up to 3.8.1. This issue affects some unknown processing of the component Modules. The manipulation leads to sensitive information in log files.
The identification of this vulnerability is CVE-2021-3447. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-3583 | Red Hat Ansible Template command injection (Nessus ID 214484)
1 year 3 months ago
A vulnerability was found in Red Hat Ansible. It has been rated as critical. This issue affects some unknown processing of the component Template Handler. The manipulation leads to command injection.
The identification of this vulnerability is CVE-2021-3583. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
CVE-2021-3620 | Red Hat Ansible up to 2.8.15 ansible-connection information exposure (Nessus ID 214484)
1 year 3 months ago
A vulnerability has been found in Red Hat Ansible and classified as problematic. Affected by this vulnerability is an unknown functionality of the component ansible-connection. The manipulation leads to information exposure through error message.
This vulnerability is known as CVE-2021-3620. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2019-10206 | ansible-playbook-k/Ansible CLI Tools up to 2.6.18/2.7.12/2.8.3 Template Special Char Password input validation (DLA 3695-1 / Nessus ID 214484)
1 year 3 months ago
A vulnerability was found in ansible-playbook-k and Ansible CLI Tools up to 2.6.18/2.7.12/2.8.3. It has been declared as problematic. This vulnerability affects unknown code of the component Template Handler. The manipulation as part of Special Char leads to improper input validation (Password).
This vulnerability was named CVE-2019-10206. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2018-1311 | Oracle JD Edwards EnterpriseOne Tools Enterprise Infrastructure use after free (Nessus ID 214485)
1 year 3 months ago
A vulnerability classified as critical was found in Oracle JD Edwards EnterpriseOne Tools. Affected by this vulnerability is an unknown functionality of the component Enterprise Infrastructure. The manipulation leads to use after free.
This vulnerability is known as CVE-2018-1311. The attack can be launched remotely. There is no exploit available.
vuldb.com
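ALPHA Threat Intelligence Analysis Cloud Platform V8.0 New Year Edition Launches with a Fresh Look
1 year 3 months ago
Welcome 2025 with a refreshed experience: the ALPHA v8.0 New Year's Eve edition invites you to set sail right away!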
Is Zaid Sabih's social engineering course any good for actually learning social engineering?
1 year 3 months ago
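Mirai botnet uses 13,000+ IoT devices to launch record-breaking 5.6 Tbps DDoS attack
1 year 3 months ago
Compiled by HackerNews; please credit the source when republishing.
Web infrastructure and security company Cloudflare said on Tuesday that it detected and blocked a distributed denial-of-service (DDoS) attack that reached 5.6 Tbps, the largest attack reported to date. The UDP-based attack took place on October 29, 2024, targeted an unnamed internet service provider (ISP) in East Asia, and originated from a Mirai-variant botnet.
"The attack lasted 80 seconds and originated from over 13,000 IoT devices," Cloudflare's Omer Yoachimik and Jorge Pacheco said in a report. Meanwhile, the average number of unique source IP addresses observed per second was 5,500, and the average traffic per IP address per second was about 1 Gbps.
The previous largest DDoS attack on record was also reported by Cloudflare, in October 2024, with a peak of 3.8 Tbps.
Cloudflare also disclosed that it blocked about 21.3 million DDoS attacks in 2024, a 53% increase over 2023, and that the number of attacks exceeding 1 Tbps surged 1,885% quarter over quarter. In the fourth quarter of 2024 alone, it mitigated as many as 6.9 million DDoS attacks.
Other notable statistics observed in the fourth quarter of 2024:
Known DDoS botnets accounted for 72.6% of all HTTP DDoS attacks.
The most common Layer 3/Layer 4 (network-layer) attack vectors were SYN floods (38%), DNS flood attacks (16%), and UDP floods (14%).
Memcached, BitTorrent, and ransom DDoS attacks grew 314%, 304%, and 78% quarter over quarter, respectively.
About 72% of HTTP DDoS attacks and 91% of network-layer DDoS attacks ended within ten minutes.
Indonesia, Hong Kong (China), Singapore, Ukraine, and Argentina were the largest sources of DDoS attacks.
China, the Philippines, and Germany were the most attacked countries.
Telecommunications, internet, marketing, information technology, and gambling were the most frequently attacked industries.
Meanwhile, cybersecurity companies Qualys and Trend Micro disclosed that variants of the notorious Mirai botnet malware are attacking Internet of Things (IoT) devices by exploiting known security vulnerabilities and weak passwords, using them as tools for DDoS attacks.
Source: The Hacker News; compiled by zhongx. This article was translated and compiled by HackerNews.cc; cover image sourced from the internet. When republishing, please note "Reposted from HackerNews.cc" and include the original
hackernews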