Arctic Wolf’s Post

There is a new CVE that is affecting all versions of GeoServer which allows remote attackers to execute code without any credentials. The rating in CVSS is 9.8 as its Critical. GeoServer is an open source server for sharing geospatial data, according to their website. I installed a vulnerable version of it, and seems pretty interesting. There are a lot of options out there for commands, but this is only a PoC that i made quickly for testing purposes. Right now, there are more than 3000 unique IPs running the vulnerable version.

Progress addressed a critical severity #vulnerability impacting the Telerik Report Server. Tracked as CVE-2024-6327, the vulnerability has a CVSS score of 9.9. Read more here. https://lnkd.in/gWV_2cAT

CVE-2024-4358: No signatures yet for this critical Telerik Report Server vulnerability? Proactively hunt for "Telerik.Reporting" in your code. Prioritize public repos & check versions! #ThreatHunting #CodeSecurity

This package contains several tools to listen to and create network traffic:  * arpspoof - Send out unrequested (and possibly forged) arp replies.  * dnsspoof - forge replies to arbitrary DNS address / pointer queries             on the Local Area Network.  * dsniff   - password sniffer for several protocols.  * filesnarf - saves selected files sniffed from NFS traffic.  * macof    - flood the local network with random MAC addresses.  * mailsnarf - sniffs mail on the LAN and stores it in mbox format.  * msgsnarf - record selected messages from different Instant Messengers.  * sshmitm  - SSH monkey-in-the-middle. proxies and sniffs SSH traffic.  * sshow    - SSH traffic analyser.  * tcpkill  - kills specified in-progress TCP connections.  * tcpnice  - slow down specified TCP connections via "active"             traffic shaping.  * urlsnarf - output selected URLs sniffed from HTTP traffic in CLF.  * webmitm  - HTTP / HTTPS monkey-in-the-middle. transparently proxies.  * webspy   - sends URLs sniffed from a client to your local browser             (requires libx11-6 installed). #dsniff

[CVE-2024-50511: CRITICAL] Unrestricted Upload of File with Dangerous Type vulnerability in David DONISA WP donimedia carousel allows Upload a Web Shell to a Web Server.This issue affects WP donimedia carousel: from n/a through 1.0.1. https://lnkd.in/eTEiDApm

A new ArcGIS Enterprise Portal Security Patch has been released overnight (NZ time). Now is a good time to review your patching levels and bring your platform up to date. Patching relates to 10.8.1, 10.9.1, 11.1, 11.2. Note that short-term support versions (10.9, 11.0) are not patched, and this highlights a good reason to stay up to date with your ArcGIS Enterprise deployments. https://lnkd.in/gwrKEuvD

XBOW found a critical path traversal vulnerability in ZOO-Project (CVE-2024-53982). The vulnerability exists in the Echo example (enabled by default) and allows an attacker to retrieve any file on the server. Users should upgrade to the latest version.

security machine "kioptrix level 2" First step: Initial Reconnaissance First things first is to figure out which IP address has been assigned Based on the scan results Tool: Nmap (Used: -n -Pn -sS +ip ) In the scan we see that there are 5 ports open. port 80 "http" Second step: open the website of this machine http:// ip Third step: and login by using username(admin'--) and password (,) Fourth step: open listener by using (netcat) and write the payload in ping input to get access Step five: Search for exploit a version for apache to Higher than validity and using wget to upload the exploit and using gcc That’s all. We have got the root access. That's all folks hope you learned something new today,i would also like to thank my brother Abdelhay Elkholy

CVE-2022-26923 - Just completed this room at TryHackMe! This room explores CVE-2022-26923, a vulnerability in Microsoft's Active Directory Certificate Service (AD CS) that allows any AD user to escalate their privileges to Domain Admin. #tryhackme #redteam #activedirectory

📣 New #dfir blog alert - Web Storage on Firefox Part 2 In the second of his two-part blog Principal Analyst Alex Caithness continues his look at Local Storage and Session Storage mechanisms in Mozilla Firefox. The focus this time out is on “ephemeral” Session Storage data - and finding out just how ephemeral it actually is 🤔 https://lnkd.in/eJxncsR7 #digitalforensics #firefox #webstorage