Aggregator

2024年12月23日-2024年12月29日本周漏洞态势研判情况      本周信息安全漏洞威胁整体评价级别为中。国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞303个，其

A vulnerability, which was classified as problematic, was found in Oracle Solaris 9/10/11. This affects an unknown part of the component Kernel. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2012-3207. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in OSH 1.7.14. Affected by this vulnerability is the function getenv of the file main.c. The manipulation of the argument $var/evar=arg leads to memory corruption. This vulnerability is known as CVE-2005-3346. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Infradead OpenConnect. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2012-3291. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in IBM WebSphere Application Server up to 6.1.0.10. Affected is an unknown function. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2012-3325. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM WebSphere Message up to 8.0.0.1 and classified as problematic. This issue affects some unknown processing of the file Uninstaller. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2012-3317. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Red Hat Enterprise Linux 5 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to credentials management. This vulnerability was named CVE-2012-3359. The attack needs to be approached locally. There is no exploit available.

error code: 521

HackerNews 编译，转载请注明出处： 上周晚些时候，Palo Alto Networks通知客户，其已修复一个零日漏洞，该漏洞曾被用于对其防火墙发动拒绝服务（DoS）攻击。 该安全漏洞编号为CVE-2024-3393，影响了运行于Palo Alto Networks防火墙上的PAN-OS软件的DNS安全功能。漏洞允许未经身份验证的攻击者通过数据平面发送特制数据包，导致防火墙重启。 Palo Alto Networks警告称：“多次尝试触发此条件将导致防火墙进入维护模式。” 该公司还指出，其“已意识到当防火墙拦截触发此问题的恶意DNS数据包时，客户会遭遇拒绝服务（DoS）”。 尽管存在此情况且CVE-2024-3393被评为“高危”，但Palo Alto Networks仅将此漏洞的紧急程度定为“中等”，并指出仅当PAN-OS软件启用DNS安全日志记录，并应用DNS安全许可证或高级DNS安全许可证时，才会受到影响——两个条件需同时满足，漏洞利用才可能实现。 PAN-OS 10.1.14-h8、10.2.10-h12、11.1.5和11.2.3版本已修复此漏洞。而PAN-OS 11.0版本已于11月17日停止支持，因此不会收到修复补丁。同时，该公司还提供了临时解决方案和缓解措施。 Palo Alto Networks对爱沙尼亚CERT-EE提供的取证和分析协助表示感谢。但关于该漏洞的发现方式以及利用该漏洞的攻击情况，目前尚未有更多信息。 威胁组织利用Palo Alto防火墙漏洞发动攻击的情况并不罕见。在安全公司追踪的“月球窥探”行动中，恶意行为者曾利用两个PAN-OS零日漏洞攻破了大量防火墙。   消息来源：Security Week, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

Eclipse Eclipse is a PoC that performs Activation Context hijack to load and run an arbitrary DLL in any desired process. Initially, this technique was created as a more flexible alternative to DLL Sideloading + DLL...

The post Eclipse: Hijacking Activation Context for Arbitrary DLL Injection appeared first on Penetration Testing Tools.

hcltm Threat Modeling with HCL Overview There are many different ways in which a threat model can be documented. From a simple text file to more in-depth word documents, to fully instrumented threat models...

The post hcltm: Threat Modeling with HCL appeared first on Penetration Testing Tools.

Cloak Cloak is a pluggable transport that works alongside traditional proxy tools like OpenVPN to evade deep-packet-inspection-based censorship. Cloak is not a standalone proxy program. Rather, it works by masquerading proxy tool’s traffic as normal...

The post Cloak: evade deep-packet-inspection based censorship appeared first on Penetration Testing Tools.

A vulnerability, which was classified as critical, was found in rlpr daemon 2.0.4. Affected is the function msg. The manipulation leads to format string. This vulnerability is traded as CVE-2004-0393. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in CentOS-WebPanel.com CentOS Web Panel 0.9.8.838. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper authentication. This vulnerability was named CVE-2019-13605. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Linux Kernel 2.6.22.7. It has been rated as problematic. This issue affects the function snd_mem_proc_read. The manipulation of the argument count leads to information disclosure. The identification of this vulnerability is CVE-2007-4571. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

error code: 521

HackerNews 编译，转载请注明出处： 美国卫生与公共服务部（HHS）民权办公室（OCR）提议对医疗机构实施新网络安全规定，以保护患者数据免受网络攻击。 该提案旨在修订1996年《健康保险流通与问责法案》（HIPAA），作为加强关键基础设施网络安全广泛行动的一环，OCR指出。 新规将通过升级HIPAA安全标准，强化电子保护健康信息（ePHI）的安全防护，以“更有效地应对医疗行业日益严峻的网络安全挑战。” 据此，提案要求医疗机构审查技术资产清单和网络图，识别电子信息系统潜在漏洞，并建立72小时内恢复特定电子信息系统及数据的流程。 其他关键条款包括：每年至少实施一次合规审计，确保静态及传输中的ePHI加密，强制采用多因素认证，部署反恶意软件保护，并清理电子信息系统中的冗余软件。 《拟议规则通知》（NPRM）还要求医疗实体实施网络分段，建立备份与恢复技术控制，至少每六个月进行一次漏洞扫描，及每年至少一次渗透测试。 此举措出台之际，医疗行业正频繁遭受勒索软件攻击，不仅造成经济损失，还因破坏诊断设备和患者医疗记录系统访问，危及患者生命。 微软2024年10月指出，医疗组织因存储高度敏感数据而成为勒索软件攻击目标，但更大风险在于可能承担的巨额财务赔偿。 勒索软件事件还导致周边医疗设施不堪重负，因急需治疗的患者涌入而无法及时响应。 据网络安全公司Sophos数据，2024年67%的医疗机构遭遇勒索软件攻击，较2021年的34%显著上升，主要归因于漏洞利用、凭证泄露及恶意邮件。 其中，53%的机构在数据被加密后支付了赎金以恢复访问，赎金中位数达150万美元。 同时，勒索软件攻击后的恢复时间也在延长，仅22%的受害者在一周内完全恢复，远低于2022年的54%。 Sophos首席技术官John Shier表示：“医疗信息的高度敏感性和对即时访问的需求，使医疗行业始终成为网络犯罪分子的攻击目标。遗憾的是，许多医疗组织准备不足，恢复时间不断延长。” 上月，世界卫生组织（WHO）将针对医院和医疗系统的勒索软件攻击视为“生死攸关”，呼吁国际社会共同应对这一网络安全威胁。   消息来源：The Hacker News, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability has been found in CVS and classified as very critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2004-0416. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Fully homomorphic encryption can safeguard highly sensitive health data related to rare diseases, underserved populations and clinical trials as it is shared with medical researchers, said Kurt Rohloff, co-founder and CTO of Duality Technologies, who said projects to apply it are underway right now.

Attackers Exploiting OS Command Injection Vulnerability
Hackers are exploiting a high-severity command injection vulnerability in Chinese-manufactured Four-Faith industrial routers. Typical customers of Four-Faith use the routers for remote monitoring, control systems, supervisory control and data acquisition networks.