Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

GHSA-475g-vj6c-xf96: CrateDB database has an arbitrary file read vulnerability

### Summary There is an arbitrary file read vulnerability in the CrateDB database, and authenticated CrateDB database users can read any file on the system. ### Details There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage. ### PoC ``` CREATE TABLE info_leak(info_leak STRING); COPY info_leak FROM '/etc/passwd' with (format='csv', header=false); or COPY info_leak FROM '/crate/config/crate.yml' with (format='csv', header=false); SELECT * FROM info_leak; ``` ![image](https://user-images.githubusercontent.com/154296962/292985975-ff5f2fb8-1a3f-4b49-9951-cd1fc6e78031.png) ### Impact This vulnerability affects all current versions of the CrateDB database. Attackers who exploit this vulnerability to obtain sensitive information may carry out further attacks, while a...

ghsa
Open in Source
#vulnerability#git#auth
GHSA-2wgc-48g2-cj5w: vantage6 has insecure SSH configuration for node and server containers

### Impact Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. We will probably opt to completely remove the ssh option as it is only used for debugging. Later, we can add a debug mode where we can activate it if necessary. ### Workarounds Remove the ssh part from the docker file and build your own docker image

GHSA-w9h2-px87-74vx: vantage6 remote code execution vulnerability

### Impact Authenticated users could inject code into algorithm environment variables ### Workarounds No

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.

FBI Warns of Tech Support Courier Scam Aiming at Cash and Metals

By Deeba Ahmed Seniors, Beware: This Tech Support Scam Goes Beyond Just Receiving Calls. This is a post from HackRead.com Read the original post: FBI Warns of Tech Support Courier Scam Aiming at Cash and Metals

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite

GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10. "An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to

Red Hat Security Advisory 2024-0538-03

Red Hat Security Advisory 2024-0538-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and null pointer vulnerabilities.

Red Hat Security Advisory 2024-0533-03

Red Hat Security Advisory 2024-0533-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9.

Ubuntu Security Notice USN-6613-1

Ubuntu Security Notice 6613-1 - Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An unprivileged user could use this to bypass Ceph's authorization checks and upload a file to any bucket.

WS_FTP Server 5.0.5 Denial Of Service

WS_FTP Server version 5.0.5 remote denial of service exploit.