Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
ba72c109737ff97ca3ceaa8f57f82012fb57c0fe9a1a1e5032fdd5076d82c782Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
2fcaed107143a0c2781af026be6a5bc7ae14627be71e8fa8b975dc3a71b731e3Debian Linux Security Advisory 4461-1 - Harrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure.
1337e1daf1937a7234d5a17327c7dea90f4494cbdc9ddf4c97d7a7a246e5b9cbTelus Actiontec T2200H with firmware T2200H-31.128L.08 suffers from a local privilege escalation vulnerability.
64c22975e1acdf7c911c95d4b915a2f2f35f87f789a240cdb57a6e473dd665a4Ubuntu Security Notice 4015-2 - USN-4015-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus servers with elevated privileges. Various other issues were also addressed.
576cac5c5a3092206736078b3a37e63cb44d3ca09f8ced65658842dd9266b3c5Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a serial number information disclosure vulnerability. The wireless extenders use DHCP Option 125 to include device details such as model number, manufacturer, and serial number. The WCB6000Q DHCP DISCOVER and REQUEST broadcasts include the device serial number in the DHCP option 125 (subopt 2) field. An attacker on the same Layer 2 network segment as the device, can see all these DHCP requests with a packet capture. Once he or she has this, the device's admin web UI password can be reset using the web UI "forgot password" page to reset to a known value.
a60ada135acfe3357034b2f1a27e49db28c91ce7c509f65eef039cbca0d8eb46There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric.
77ebee2e76c83cac1e5410a53acbe10f9b0064d421f6789060e5502ae995009eDebian Linux Security Advisory 4460-1 - Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures.
7a55a21890bc3aee34c8780e72fea6d81181006a290af0fbd95c42ec904669deTelus Actiontec T2200H with firmware T2200H-31.128L.08 suffers from a serial number information disclosure vulnerability. The wireless extenders use DHCP Option 125 to include device details such as model number, manufacturer, and serial number. By forging a special DHCP packet using Option 125, an attacker can obtain the device serial number. Once he or she has this, the device's admin web UI password can be reset using the web UI "forgot password" page to reset to a known value.
e00278c615b4c6ca6904174cd960226f3071c1c8dac2689625b8674db654d3c2Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from a denial of service vulnerability. By querying CGI endpoints with empty (GET/POST/HEAD) requests causes a Segmentation Fault of the uhttpd webserver. Since there is no watchdog on this daemon, a device reboot is needed to restart the webserver to make any modification to the device.
b7e77c13720ff2862b5f2cd505e2fd83433bb92406f790f5a82bf75578c329ddHyperion is a runtime encrypter for 32-bit and 64-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".
4aca3455bf543f257a9dfc1d5a9809a4e42a520b7053074ac940fa74b968bb72Telus Actiontec WEB6000Q with firmware 1.1.02.22 suffers from both local and remote privilege escalation vulnerabilities.
4603e04a98825c83c6631a84067f20ea7105aa334aa5ff03f9006cfcabc325ecTelus Actiontec T2200H with firmware T2200H-31.128L.08 suffers from a credential disclosure vulnerability. An HTTP interface used by wireless extenders to pull the modem's wifi settings uses DHCP client-provided option values to restrict access to this API. By forging DHCP packets, one can access this interface without any authentication and obtain details such as SSID name, encryption type, and WPA/WEP keys. This can be leveraged if an attacker is on the same Layer 2 network as the modem.
18956a3fcbea918f85460a9c4e64d5ab6e1e70d214ae287471800ffc0dc7ee49FusionPBX versions 4.4.3 and below suffer from a remote code execution vulnerability via cross site scripting.
2116c72ea7f7eb6337234a9d1cddbfc94c56900a0a24c8146f1617c1a0139fcaThis paper presents the "LDAP Swiss Army Knife", an easy to use LDAP server implementation built for penetration oder software testing. Apart from general usage as a server or proxy it also shows some specific attacks against Java/JNDI based LDAP clients.
341da515f73e2922c4e4729bef9645201fe4a74fdb8cb1bf8b386787d5631e80
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed