Vulnerability Management and more

2022-04-03 03:22:59 Hello everyone! This episode will be about last week's high-profile vulnerabilities in Spring. Let's figure out what happened.

Of course, it's amazing how fragmented the software development world has become. Now there are so many technologies, programming languages, libraries and frameworks! It becomes very difficult to keep them all in sight. Especially if it's not the stack you use every day. Entropy keeps growing every year. Programmers are relying more and more on off-the-shelf libraries and frameworks, even where it may not be fully justified. And vulnerabilities in these off-the-shelf components lead to huge problems. So it was in the case of a very critical Log4Shell vulnerability, so it may be in the case of Spring vulnerabilities.

Video:


Video2 (for Russia): https://vk.com/video-149273431_456239078
Blogpost: https://avleonov.com/2022/04/03/spring4shell-spring-cloud-function-rce-and-spring-cloud-gateway-code-injection/

#Spring4Shell #SpringCloudFunction #SpringCloudGateway Open / Comment

2022-03-31 11:03:48 If you know what I mean
#SpringShell Open / Comment

2022-03-27 14:53:18 Hello everyone! In this episode, I would like to talk about #Github and how to remove sensitive information that was accidentally uploaded there.

This is a fairly common problem. When publishing the project code on Github, developers forget to remove credentials: logins, passwords, tokens. What to do if this becomes known? Well, of course, these credentials must be urgently changed.

What was publicly available on the Internet cannot be completely removed. This data is indexed and copied by some systems. But wiping it from github.com is real.

Why is it not enough to just delete the file in the Github repository? The problem is that the history of changes for the file will remain and everything will be visible there. Surprisingly, there is still no tool in the Github web interface to remove the history for a file. You have to use third-party utilities, one of them is git-filter-repo.

Video:


Video2 (for Russia): https://vk.com/video-149273431_456239077
Blogpost: https://avleonov.com/2022/03/27/how-to-remove-sensitive-information-from-github-repository/ Open / Comment

2022-03-20 01:59:36 I'm currently interested in Vulnerability Management vendors with a strong focus on the Chinese and Indian markets. Well, of course, except the global US companies that we all know. Can you help with links?

For India, I know SecPod Technologies. And well, Qualys ( just kidding).
I don't know much about China. Heard only about GOBY. But it's more like a start-up.

I would be glad to know more about the realities. Open / Comment

2022-03-14 20:37:06 Hello everyone! I am glad to greet you from the most sanctioned country in the world. Despite all the difficulties, we carry on. I even have some time to release new episodes. This time it will be about Microsoft Patch Tuesday for March 2022.

I do the analysis as usual with my open source tool Vulristics. You can still download it on github. I hope that github won’t block Russian repositories and accounts, but for now it looks possible. Most likely, I will just start hosting the sources of my projects on avleonov.com in this case. Or on another domain, if it gets even tougher. Stay tuned.

Video:


Video2 (for Russia): https://vk.com/video-149273431_456239076
Blogpost: https://avleonov.com/2022/03/14/microsoft-patch-tuesday-march-2022/
Report: https://avleonov.com/vulristics_reports/ms_patch_tuesday_march2022_report_with_comments_ext_img.html Open / Comment

2022-03-09 09:58:56 #Vulristics #DailyExploits for 2022-03-09 based on #Vulners data

1. 1337DAY-ID-37447 - part-db 0.5.11 - Remote Code Execution Exploit
2. 1337DAY-ID-37458 - Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe) Exploit
3. EDB-ID:50799 - Spring Cloud Gateway 3.1.0 - Remote Code Execution (RCE)
4. EDB-ID:50808 - Linux Kernel 5.8 < 5.16.11 - Local Privilege Escalation (DirtyPipe)
5. PACKETSTORM:166210 - Malwarebytes 4.5 Unquoted Service Path
6. PACKETSTORM:166215 - Loki RAT (Relapse) SQL Injection Open / Comment

2022-03-09 09:58:56 Public exploits for #DirtyPipe Open / Comment

2022-03-08 11:17:25 Linux distros patch 'DirtyPipe' make-me-root kernel bug
#TheRegisterNews

"A Linux local privilege escalation flaw dubbed Dirty Pipe has been discovered and disclosed along with proof-of-concept exploit code.
The flaw, CVE-2022-0847, was introduced in kernel version 5.8 and fixed in versions 5.16.11, 5.15.25 and 5.10.102.
It can be exploited by a normal logged-in user or a rogue running program to gain root-level privileges; it can also be used by malicious apps to take over vulnerable Android devices. Max Kellermann said he found the programming blunder and reported it to the kernel security team in February, which issued patches within a few days. By now these..."

https://www.theregister.com/2022/03/08/in_brief_security/ Open / Comment

2022-03-08 11:17:25 Yet another local privilege escalation in Linux. There are a lot of them this year. #DirtyPipe Open / Comment

2022-03-04 09:31:51 #Vulristics #DailyExploits for 2022-03-04 based on #Vulners data

1. 1337DAY-ID-37443 - Polkit pkexec Local Privilege Escalation Exploit
2. PACKETSTORM:166196 - Polkit pkexec Local Privilege Escalation Open / Comment