Get Mystery Box with random crypto!

Vulnerability Management and more

Logo of telegram channel avleonovcom — Vulnerability Management and more V
Logo of telegram channel avleonovcom — Vulnerability Management and more
Channel address: @avleonovcom
Categories: Technologies , Blogs
Language: English
Subscribers: 1.79K
Description from channel

Vulnerability assessment, IT compliance management, security automation and other beautiful stuff. Discussion group for this channel: @avleonovchat. PM me @leonov_av

Ratings & Reviews

2.00

2 reviews

Reviews can be left only by registered users. All reviews are moderated by admins.

5 stars

0

4 stars

0

3 stars

1

2 stars

0

1 stars

1


The latest Messages 10

2021-10-15 13:25:01 Finally I started working on the CLI for Vulristics. Of course, it is not normal to edit scripts every time to release a report. This already works for MS Patch Tuesday reports: python3.8 vulristics.py --report-type "ms_patch_tuesday" --mspt-year 2021 --mspt…
225 viewsedited  10:25
Open / Comment
2021-10-14 13:16:09
Apache Warns of Zero-Day Exploit in the Wild — Patch You Web Servers Now! #TheHackersNews "Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively…
109 viewsedited  10:16
Open / Comment
2021-10-13 12:40:16 #Vulristics #DailyExploits for 2021-10-13 based on #Vulners data

1. 1337DAY-ID-36888 - Aviatrix Controller 6.x Path Traversal / Code Execution Exploit
2. 1337DAY-ID-36889 - Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Exploit
3. 1337DAY-ID-36890 - Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root Exploit
4. 1337DAY-ID-36891 - Moodle Admin Shell Upload Exploit
5. 1337DAY-ID-36892 - Moodle SpellChecker Path Authenticated Remote Command Execution Exploit
6. 1337DAY-ID-36893 - Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution Exploit
7. 1337DAY-ID-36894 - Moodle Authenticated Spelling Binary Remote Code Execution Exploit
8. PACKETSTORM:164479 - Moodle Authenticated Spelling Binary Remote Code Execution
9. PACKETSTORM:164480 - Moodle Teacher Enrollment Privilege Escalation / Remote Code Execution
10. PACKETSTORM:164481 - Moodle SpellChecker Path Authenticated Remote Command Execution
11. PACKETSTORM:164482 - Moodle Admin Shell Upload
173 views09:40
Open / Comment
2021-10-13 12:40:16 So many new RCE exploits for Moodle. "Moodle is a free and open-source learning management system. it is used for blended learning, distance education, flipped classroom and other e-learning projects in schools, universities, workplaces and other sectors". Surely some organizations make it available on the network perimeter and do not update it regularly.
195 viewsedited  09:40
Open / Comment
2021-10-13 10:33:44 Hello everyone! I have a question. Anyone following Autodiscover leak discovered by Guardicore Labs? Will Microsoft patch it for Outlook / ActiveSync or blocking Autodiscover. domains will remain the only measure? Is there at least a CVE for this? I can't find it.
220 views07:33
Open / Comment
2021-10-13 00:50:53 Finally I started working on the CLI for Vulristics. Of course, it is not normal to edit scripts every time to release a report. This already works for MS Patch Tuesday reports:

python3.8 vulristics.py --report-type "ms_patch_tuesday" --mspt-year 2021 --mspt-month "September" --rewrite-flag "True"

I haven't generated a report for October Patch Tuesday yet, I'm waiting for a blog post from Qualys.
287 viewsedited  21:50
Open / Comment
2021-10-12 22:53:28 So far it seems that this EOP is the most hyped vulnerability in this October Patch Tuesday
268 views19:53
Open / Comment
2021-10-11 01:21:55 Hello everyone! I spent some time this weekend on my new Linux Vulnerability Scanner project (Scanvus - Simple Credentialed Authenticated Network VUlnerability Scanner ), which uses the Vulners Linux API under the hood. It can already scan remote hosts via SSH and can scan localhost. And the third functionality that I want to add to the project is scanning the docker images. I'm a little stuck here. The point is, I ideologically want to use the same bash oneliner for inventorying all Linux systems in all modes. And running it using client.containers.run seems problematic. But I hope to fix it soon. Approximate priorities (I hope I will have resources for this): scan docker images, cli, manual inventory mode, description, integration with Vulristics.
227 viewsedited  22:21
Open / Comment
2021-10-08 10:53:28 Last week I gave a “Career Navigator” talk for the students of the IT Hub College in Moscow. By the way, this college has a very interesting practical information security program. If it is relevant for you, check it out. I’ve never talked so much about myself in public. It was like giving advises to yourself from the past. An interesting experience. It took about an hour and a half. And now I will try to mention the main points.

Video:


Blogpost: https://avleonov.com/2021/10/08/career-navigator-talk-for-it-hub-college/
348 views07:53
Open / Comment
2021-10-05 20:19:31 Apache Warns of Zero-Day Exploit in the Wild — Patch You Web Servers Now!
#TheHackersNews

"Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild.
"A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root," the open-source project maintainers noted in an advisory published Tuesday.
"If files outside of the document root are not protected by 'require all denied' these requests can succeed. Additionally this flaw could..."

http://feedproxy.google.com/~r/TheHackersNews/~3/cp0U2eKjQ30/apache-warns-of-zero-day-exploit-in.html
187 views17:19
Open / Comment