Posts by:

Rajaneesh

WAF + RASP + Bot Mitigation + DDoS in Kubernetes Platform

There are many products out there that work as a WAF. WAF is not really aware of the application it is securing. There are solutions that block DDoS attacks (it needs a bit of muscle power as well). The other issue is the attack of automated bots in the system. AS of now none of the security vendors gives a full stack of protection against these attacks

Rajaneesh
Read more

Multiple vulnerabilities reported in GitLab EE

Overview :
Multiple vulnerabilities reported in GitLab EE
Affected Product(s) :
  • Affected versions are >=10.2, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.
  • Affected versions are >=8.12, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.
Vulnerability Details :
CVE ID : CVE-2020-13348
An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are >=10.2, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.
CVE ID : CVE-2020-13349
An issue has been discovered in GitLab EE affecting all versions starting from 8.12. A regular expression related to a file path resulted in the Advanced Search feature susceptible to catastrophic backtracking. Affected versions are >=8.12, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.

Solution :

Rajaneesh
Read more

Tracking Down New WordPress Popup Injection Malware

A new variant of popup injector WordPress malware is spreading and affecting 1000s of WordPress websites. The  web master was getting once in a weekly email from visitors complaining about adult content popups on the website.

Update – Contact security@prophaze.com to clean this variant and secure your website from similar attacks

Rajaneesh
Read more
cyber security news

PRTG-Network-Monitor-Information-Disclosure

 

Overview :
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.

CVE-2020-11547
Rajaneesh
Read more

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71

Overview :
Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to alter the application&#8217;s allowable list of OS commands. This may lead to arbitrary OS command execution as the regular user runs the DPA service on the affected system.

Overview

Rajaneesh
Read more
8.3.3 allows SQL Injection

LogicalDoc before 8.3.3 allows SQL Injection

 

Overview :
LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database. This list could be filtered by modifying some of the parameters. Some of them are not properly sanitized which could allow an authenticated attacker to perform arbitrary queries to the database.
Rajaneesh
Read more