About Administrador

This author has not yet filled in any details.
So far Administrador has created 184 blog entries.

BlueSpy – Spying on Bluetooth conversations

14 Mar. 2024

BlueSpy is a proof of concept for exploiting vulnerabilities in Bluetooth headsets and eavesdropping on private conversations.

The first results following the publication of BSAM, a security methodology that allows for a complete and homogeneous assessment of Bluetooth device security, have not been long in coming. Its application has helped identify security problems in many Bluetooth headsets, showing that manufacturers must take Bluetooth security seriously to avoid, among other risks, unauthorized connections to these devices attempting to spy on conversations. Using a Python script from Linux, it is possible to automate the tasks required to exploit a common vulnerability in Bluetooth devices. This vulnerability allows anyone to access the Bluetooth device without alerting or notifying the owner, i.e., entirely silently. The demonstration ...


CVE-2023-49785: Vulnerability in NextChat

12 Mar. 2024

CVE-2023-49785 is a critical vulnerability affecting NextChat, an application that provides users with a web interface based on ChatGPT.

Information has been disclosed about a new critical vulnerability affecting NextChat, a chat interface used with ChatGPT. The vulnerability CVE-2023-49785 would allow a remote attacker to obtain internal access to different servers via HTTP. It would also allow an attacker to mask their IP address, as it allows NextChat to be used as an OpenProxy. NextChat is an application that allows you to easily obtain a web interface based on ChatGPT that integrates GPT3, GPT4 and Gemini PRO.

Key Features

The main features of this vulnerability are detailed below.

CVE Identifier: CVE-2023-49785
Release Date: 11/03/2023
Affected Software: NextChat / ChatGPT-Next-Web
CVSS ...


CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Vulnerabilities

6 Mar. 2024

Vulnerabilities CVE-2024-27198 and CVE-2024-27199 affect TeamCity, a CI/CD management server software owned by JetBrains.

Two new vulnerabilities affecting the CI/CD server JetBrains TeamCity have been disclosed recently. Vulnerabilities CVE-2024-27198 and CVE-2024-27199 allow authentication to be bypassed, and one of them enables remote code execution, making it critical with a CVSS of 9.8. TeamCity is a build management and continuous integration server from JetBrains. It is commercial software with a proprietary license that allows limited usage for free. On Shodan, nearly 16.000 servers running this software are exposed to the Internet.

Key features

CVE Identifier: CVE-2024-27198
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8 Critical)
CVE Identifier: CVE-2024-27199
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L (7.3 High)
Release date: 04/03/2024
Affected software: JetBrains TeamCity
Affected versions ...


CVE-2024-22024: XXE vulnerability disclosed in Ivanti products

14 Feb. 2024

CVE-2024-22024 is an XML External Entity (XXE) vulnerability that allows a remote attacker to access internal files.

CVE-2024-22024, a new high-rated vulnerability affecting Ivanti Connect Secure and Ivanti Policy Secure software, has been disclosed. This software is used to connect devices to virtual private networks (VPNs). The vulnerability would allow a remote attacker to access internal files by sending maliciously crafted XML files. The situation is made more serious by the fact that there is a known, publicly accessible exploit. The vulnerability CVE-2024-22024 is the latest in a series of high and critical vulnerabilities discovered in a single month (CVE-2024-21893, CVE-2024-21887, CVE-2024-21888). It is worth mentioning that the exploitation of these previous vulnerabilities has been detected in the wild, so ...


CVE-2023-7028: A critical vulnerability affecting GitLab

16 Jan. 2024

Critical vulnerability CVE-2023-7028 in the open source platform GitLab allows taking control of other users' accounts.

A critical vulnerability has been discovered in GitLab, an open-source platform for managing git repositories. This vulnerability could allow a remote attacker to take control of other users' accounts. GitLab is an open-source platform that performs functions equivalent to those of GitHub. The company in charge of developing it maintains a version of this software in the cloud so that users can access its functions, but installing it on local servers is also possible.

Key features

CVE identifier: CVE-2023-7028
Release date: January 11, 2024
Affected software: GitLab
CVSS score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10.0 Critical)
Affected versions:
16.1 to 16.1.5
16.2 to 16.2.8
16.3 to 16.3.6
16.4 ...


Critical vulnerabilities of the ownCloud platform are being exploited in the wild

30 Nov. 2023

On November 21, 2023, three critical vulnerabilities were made public (CVE-2023-49103, CVE-2023-49104, CVE-2023-49105), affecting several applications of the ownCloud online file sharing and collaboration platform. These vulnerabilities of the ownCloud platform allow a remote attacker, under certain circumstances, to obtain sensitive data such as the ownCloud administrator password, mail server credentials and license key; access, modify and delete files without authentication (knowing the victim user); and bypass subdomain validation in ownCloud's oauth2. As published by GreyNoise, these vulnerabilities of the ownCloud platform have been heavily exploited since November 25, 2023, mainly the one allowing the disclosure of sensitive data (CVE-2023-49103). OwnCloud is an open-source software platform designed to provide cloud storage and online collaboration services. It focuses on enabling users to ...


CVE-2023-4911: The vulnerability Looney Tunables in GlibC is being actively exploited

23 Nov. 2023

On October 3, 2023, Qualys published information about a high-severity local privilege escalation vulnerability in the GNU C Library (glibc), which is widely used on Linux systems. This vulnerability (CVE-2023-4911) could allow a local attacker to gain root privileges. Only two days ago, CISA, the Cybersecurity and Infrastructure Security Agency of the United States, reported that this vulnerability CVE-2023-4911 is actively being exploited. The GNU C Library defines system calls and other basic functionality that all programs that use this language require. Most current Linux distributions use this library to compile their software packages.

Vulnerability CVE-2023-4911 details

The following are the main details of this vulnerability:

CVE identifier: CVE-2023-4911.
Date published: October 3, 2023.
Affected software: glibc.
CVSS score: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ...


CVE-2023-38545: Heap overflow vulnerability in curl (SOCKS 5)

13 Oct. 2023

The vulnerability CVE-2023-38545 affects curl, a command line tool and software library used to transfer data to and from a server.

On October 11th, 2023, the curl development team reported a heap buffer overflow vulnerability, classified as High, affecting the handshake in the SOCKS5 proxy component. This vulnerability was reported by Jay Satiro via the HackerOne platform on September 30, 2023. Curl is a command-line tool and library used to transfer data to or from a server using various network protocols, including HTTP, HTTPS, FTP, FTPS, SCP, SFTP, LDAP, and more. The name cURL stands for Client for URLs, which indicates its primary function: to act as a client for accessing resources via URLs.

What is the vulnerability?

The ...


CVE-2023-42115: Vulnerabilities without security patch in Exim

30 Sep. 2023

Exim has multiple critical vulnerabilities, including CVE-2023-4863, that allow attackers to run code on affected systems without authentication.

Multiple vulnerabilities, one of them critical, have been revealed that affect the Exim software solution. Among the different consequences that could result from the exploitation of these vulnerabilities are remote code execution and the disclosure of sensitive information. The most critical is CVE-2023-42115, which allows remote execution over the network without authentication. Exim is a message transfer agent (MTA) developed by the University of Cambridge for use on Unix systems connected to the internet. It is open-source software widely used as an alternative to Sendmail. It is the default MTA in Debian distributions and the most popular on the internet according ...


Bluetooth vulnerabilities in smart locks

29 Sep. 2023

Detecting and mitigating Bluetooth vulnerabilities in smart locks is critical to securing these IoT devices.

A smart lock is an IoT device that facilitates access by opening a door without the need for a physical key. In this second part of the analysis of a smart lock, we will focus on evaluating Bluetooth communications. We analyze the security of Bluetooth and the communications of a Yale Linus smart lock and tell you about the identified security problems. The importance of evaluating this mechanism lies in the fact that the smart lock we are analyzing is controlled from a mobile phone via Bluetooth. There are several vulnerabilities in Bluetooth technology. While BIAS and KNOB are the ones that have received the ...

