harrysintonen

joined 2 years ago
sorted by: new top controversial old
Apparently #macOS now considers #Docker malware. in c/cybersecurity@fedia.io
[–] harrysintonen@infosec.exchange 4 points 2 months ago (1 children)

@g@irrelephant.co Oof, that's not good at all.

3
#curl 8.11.1 has been released. It includes a fix to #CVE_2024_11053 - a #vulnerability I discovered. (infosec.exchange)
 

#curl 8.11.1 has been released. It includes a fix to #CVE_2024_11053 - a #vulnerability I discovered.

It is a logic flaw in the way curl parses .netrc file. In certain situations, the configured password can be sent to a incorrect host. Luckily the affected configurations should be quite rare and thus the situation is unlikely to occur often.

The issue has existed in the curl source code for almost twenty-five years.

https://curl.se/docs/CVE-2024-11053.html
https://hackerone.com/reports/2829063

No AI tools were used in discovering or reporting the vulnerability.

#noai #handcrafted #infosec #cybersecurity

7
Heads up: If you've used the https://github.com/puckiestyle/CVE-2024-23113 for testing Fortinet systems vulnerable to #CVE_2024_23113: The code is broken and does not reliably check for the (infosec.exchange)
 

Heads up: If you've used the https://github.com/puckiestyle/CVE-2024-23113 for testing Fortinet systems vulnerable to #CVE_2024_23113: The code is broken and does not reliably check for the #vulnerability. #infosec #cybersecurity

In January 2022 I discovered that #Microsoft #Office365 Message #Encryption (OME) utilized Electronic Codebook (ECB) mode of operation. I reported this, got paid a $5000 bounty and then things fell in c/cybersecurity@fedia.io
[–] harrysintonen@infosec.exchange 1 points 4 months ago

@screaminggoat@infosec.exchange Yep, that's the one.

19
In January 2022 I discovered that #Microsoft #Office365 Message #Encryption (OME) utilized Electronic Codebook (ECB) mode of operation. I reported this, got paid a $5000 bounty and then things fell (fedia.io)
 

In January 2022 I discovered that #Microsoft #Office365 Message #Encryption (OME) utilized Electronic Codebook (ECB) mode of operation. I reported this, got paid a $5000 bounty and then things fell dead silent. By autumn I tried to follow up on this, and after numerous attempts to inquire about the schedule for a fix I was told that no fix was planned.

Luckily, Microsoft seems to have changed their mind about this, and the fix was applied in late 2023, after all:

https://learn.microsoft.com/en-us/purview/technical-reference-details-about-encryption#aes256-cbc-support-for-microsoft-365

#vulnerability #infosec #cybersecurity

10
New Finnish #windpower production record (>7 GW) today due to a winter storm. https://www.fingrid.fi/en/electricity-market/power-system/ #greenenergy #energy #FloatingIsFun (fedia.io)
 

New Finnish #windpower production record (>7 GW) today due to a winter storm. https://www.fingrid.fi/en/electricity-market/power-system/ #greenenergy #energy #FloatingIsFun

12
Disclosing details of a #vulnerability I discovered 1 year ago: (fedia.io)
 

Disclosing details of a #vulnerability I discovered 1 year ago:

N-able Ecosystem Agent Improper Certificate Validation #CVE_2024_5445 vulnerability leads to #RCE as SYSTEM user.

Vulnerability details: https://sintonen.fi/advisories/n-able-ecosystem-agent-improper-certificate-validation.txt

N-able has rated this vulnerability CVSS 3.8, but the practical impact of this vulnerability is grave as it allows attackers in privileged network position to fully compromise vulnerable systems. While arguing for such low score N-able presentative stated that: "The vulnerability reported does not constitute an RCE, the Ecosystem agent is designed to run installation packages in a privileged context and the agent is doing what it should do when it receives such packages to install over the APIs."

I think this is somewhat disingenuous.

#infosec #cybersecurity

view more: ‹ prev next ›