#ssl

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Industrial Managed Switch Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a temporary denial-of service (DoS) condition in the web service on the product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of CC-Link IE TSN Industrial Managed Switch are affected: NZ2MHG-TSNT8F2: Versions 05 and prior NZ2MHG-TSNT4: Versions 05 and prior 3.2 Vulnerability Overview 3.2.1 Allocation of Resources Without Limits or Throttling CWE-770 Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch has an OpenSSL vulnerability that allows an attacker to cause a temporary denial-of service (DoS) condition on the web service of the product by getting a legitimate administrator user to import specially crafted certificat...

### Summary BoringSSLAEADContext keeps track of how many OHTTP responses have been sent and uses this sequence number to calculate the appropriate nonce to use with the encryption algorithm. Unfortunately, two separate errors combine which would allow an attacker to cause the sequence number to overflow and thus the nonce to repeat. ### Details 1. There is no overflow detection or enforcement of the maximum sequence value. (This is a missed requirement from the draft Chunked Oblivious OHTTP RFC and so should be inherited from the HPKE RFC 9180, Section 5.2). 2. The sequence number (seq) is stored as 32-bit int which is relatively easy to overflow. https://github.com/netty/netty-incubator-codec-ohttp/blob/1ddadb6473cd3be5491d114431ed4c1a9f316001/codec-ohttp-hpke-classes-boringssl/src/main/java/io/netty/incubator/codec/hpke/boringssl/BoringSSLAEADContext.java#L112-L114 ### Impact If the BoringSSLAEADContext is used to encrypt more than 2^32 messages then the AES-GCM nonce will repeat...

In my first article, Part I: Like a Rainbow In The Dark, I described which problems distributed tracing can help you solve. I also provided some strategies for adopting this observability superpower without getting overwhelmed. As you continue down that path, though, there are some myths that need to be busted, and complex concepts demystified.Let's start with a common phrase that sounds good at first but ultimately isn't useful. This statement can both come from the engineering trenches or whoever is calling the shots: “I want great observability without touching a line of code”.That’s

Employee and Visitor Gate Pass Logging System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

FreePBX suffers from a remote code execution vulnerability. Versions 14, 15, and 16 are all affected.

Red Hat Security Advisory 2024-3527-03 - Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Issues addressed include buffer overflow, denial of service, integer overflow, memory leak, and resource exhaustion vulnerabilities.

Online Payment Hub System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

By Daily Contributors One of the interesting things about working for a cybersecurity company is that you get to talk to… This is a post from HackRead.com Read the original post: One Phish, Two Phish, Red Phish, Blue Phish

Red Hat Security Advisory 2024-3467-03 - An update for etcd is now available for Red Hat OpenStack Platform 16.1 on Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Multiple TTPs utilized in this campaign bear some overlap with North Korean APT groups.