Gonçalo Valério @dethos@s.ovalerio.net
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
Joined Apr 2017
Gonçalo Valério
boosted
OpenSMTPD 6.6.4p1 security release:
https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.4p1
"An out of bounds read in smtpd allows an attacker to inject arbitrary commands into the envelope file which are then executed as root. Separately, missing privilege revocation in smtpctl allows arbitrary commands to be run with the _smtpq group."
"The impact of SSL certificate revocation on web performance" also worth reading.
"Don't touch my clipboard"
"Even if the certificate has an OCSP staple ... Chrome always sends a blocking request to the Certificate Authority's server when connecting to a website that uses an EV certificate and this request can take hundreds of milliseconds. To make things worse, if the CA's server is down, your users see an error page instead of your website."
https://www.aaronpeters.nl/blog/ev-certificates-make-the-web-slow-and-unreliable/
"Understand Group by in Django with SQL"
"CSS data exfiltration via a single injection point"
https://research.securitum.com/css-data-exfiltration-in-firefox-via-single-injection-point/
Nice example of why we should never trust user input:
https://about.gitlab.com/blog/2019/11/29/shopping-for-an-admin-account/
"... a remote attacker within proximity can silently execute arbitrary code with the privileges of the Bluetooth daemon as long as Bluetooth is enabled. No user interaction is required ..."
https://insinuator.net/2020/02/critical-bluetooth-vulnerability-in-android-cve-2020-0022/
Gonçalo Valério
boosted
CDPwn – 5 zero-day vulnerabilities in Cisco Discovery Protocol (CDP):
– Different Cisco products are vulnerable to denial of service attacks and remote code execution.
– See also https://kb.cert.org/vuls/id/261385/.
– CVE-2020-3110, CVE-2020-3111, CVE-2020-3118, CVE-2020-3119, CVE-2020-3120.
#cisco #cdp #zeroday #0day #vulnerability #infosec #security #cybersecurity
"Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access"
https://www.perimeterx.com/tech-blog/2020/whatsapp-fs-read-vuln-disclosure/
> Did you consider removing the installation and Google-specific tracking headers (x-client-data) that Google Chrome is sending to Google properties ?
> It's a unique ID to track a specific Chrome instance across all Google properties.
https://github.com/w3ctag/design-reviews/issues/467#issuecomment-581944600
Gonçalo Valério
boosted
TeamViewer stores user passwords encrypted, not hashed:
https://whynotsecurity.com/blog/teamviewer/
– The key and IV are publicly known and identical for all users.
– Privilege escalation is possible in certain cases (CVE-2019-18988).
#teamviewer #privilegeescalation #vulnerability #security #infosec #cybersecurity
"buffer overflow in sudo when pwfeedback is enabled"
"Does Your Domain Have a Registry Lock?"
https://krebsonsecurity.com/2020/01/does-your-domain-have-a-registry-lock/
Gonçalo Valério
boosted
[CVE-2019-14615]
"When an application uses the GPU, some private data inevitably get stored in GPU. We find the graphics driver fails to wipe them after the application finishes, so the data preserve in the GPU. Therefore, an attacker can run a GPU spyware to steal these private data."
Admin
Full-stack developer, advocate of a free, secure and safe Internet. Nature lover and sports enthusiast.
Joined Apr 2017
