Aggregator

A vulnerability was found in eZ Platform Ibexa Kernel 1.3.1.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to observable timing discrepancy. This vulnerability was named CVE-2022-48366. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Microsoft Windows. Affected by this vulnerability is an unknown functionality in the library win32k.sys. The manipulation leads to improper access controls. This vulnerability is known as CVE-2012-0181. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

文章描述了一名安全研究人员如何通过结合开放重定向漏洞和SSRF（服务器端请求伪造）漏洞来绕过SSRF防护机制的过程。具体来说，研究人员利用第三方域的一个开放重定向漏洞将请求重定向到目标网站的内部资源（如localhost），从而触发SSRF攻击。这种攻击允许攻击者访问内部服务、扫描网络端口或获取敏感数据。文章还讨论了如何修复此类漏洞，并强调了严格限制允许的域名、验证最终目标地址以及避免开放重定向的重要性。

Pratik Dabhi分享了如何通过结合第三方开放重定向绕过SSRF保护机制的方法。他详细描述了利用目标网站的缩略图服务和第三方域名上的开放重定向漏洞来触发SSRF的过程，并讨论了修复建议。

开源情报(OSINT)通过公开资源收集信息以识别风险或提升安全。HaveIBeenPwned等免费工具可检测数据泄露，帮助保护个人信息或进行安全研究。

Bumble应用的API泄露了消息阅读状态，尽管UI显示“已送达”，但实际可获取读取信息。此漏洞由安全研究员发现并获得奖励，凸显了后端API对隐私保护的重要性。

Bumble设计中隐藏消息已读状态以保护隐私，但被发现其后端API暴露该信息，即使前端显示"已送达"。安全研究员@ndrong发现此漏洞并获600美元奖励。

渗透测试团队在复杂企业网络环境中使用Kali工具进行网络扫描和枚举，谨慎处理未知设备和服务以避免误触敏感资产。

文章介绍了开源漏洞扫描工具Nuclei及其功能，包括通过YAML模板检测和修复漏洞、支持超过8000个模板以及新增的AI功能（通过自然语言提示生成检测模板）。文章还提供了安装步骤和使用示例。

一位安全研究人员通过自研工具扫描政府网站的云存储桶，发现了多个配置错误的S3桶，其中包含超过100万份敏感文件和完全读写访问权限。报告后得到修复和感谢。

Что готовит для нас Microsoft в будущем?

《使命召唤：二战》在Xbox Game Pass上线后出现严重安全漏洞，黑客利用远程代码执行漏洞在多人游戏中入侵其他玩家电脑，发送记事本消息甚至不当内容。该版本游戏采用点对点网络而非专用服务器，导致主机易受攻击。

现代SIEM系统从简单的日志收集工具发展为强大的数字调查工具，能够高效处理大量事件数据并快速识别可疑活动。通过分析来自防火墙、DMZ和内部网络的安全事件数据，SIEM系统帮助组织及时发现和应对潜在威胁。

文章探讨了威胁建模在网络安全中的重要性及其应用。通过不同的框架（如STRIDE、PASTA、TRIKE和LINDDUN），团队可以在开发前识别潜在风险并提升安全性。这些方法不仅适用于大型企业，也适合不同规模的组织，并通过结合设计审查和自动化工具来实现更有效的威胁管理。

A vulnerability, which was classified as critical, has been found in Sophos Anti-Virus 3.4.6/3.78. This issue affects some unknown processing of the component MIME Boundary Handler. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2004-2088. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Karjasoft Sami FTP Server 1.1.3. It has been declared as problematic. This vulnerability affects unknown code in the library samiftp.dll of the file pmsystem.exe. The manipulation leads to denial of service. This vulnerability was named CVE-2004-2081. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Novell NetWare 5.1/6.0. This affects an unknown part of the file snoop.jsp. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2004-2104. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Finjan SurfinGate 6.0/6.0.1/6.0.5/7.0 and classified as critical. This vulnerability affects unknown code of the component FHTTP. The manipulation of the argument finjan-parameter-type leads to improper authentication. This vulnerability was named CVE-2004-2107. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

这篇文章介绍了HackerNoon本周的热门技术内容，涵盖AI工具开发与应用案例分析，并探讨了区块链技术与未来趋势。

A vulnerability has been found in MediaWiki up to 1.35.9/1.38.5/1.39.2 and classified as problematic. This vulnerability affects unknown code of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to denial of service. This vulnerability was named CVE-2023-29141. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.