toot.wales is one of the many independent Mastodon servers you can use to participate in the fediverse.
We are the Open Social network for Wales and the Welsh, at home and abroad! The independent social network for Wales, powered by Mastodon!


#cves

CybersecKyle<p>CISA Adds One Known Exploited Vulnerability to Catalog <a href="https://www.cisa.gov/news-events/alerts/2025/07/18/cisa-adds-one-known-exploited-vulnerability-catalog" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cisa.gov/news-events/alerts/20</span><span class="invisible">25/07/18/cisa-adds-one-known-exploited-vulnerability-catalog</span></a></p><p><a href="https://infosec.exchange/tags/KEV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KEV</span></a> <a href="https://infosec.exchange/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a></p>
openSUSE Linux<p>June’s <a href="https://fosstodon.org/tags/Tumbleweed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tumbleweed</span></a> update addresses <a href="https://fosstodon.org/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> in libsoup, Firefox, <a href="https://fosstodon.org/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a>, libssh, <a href="https://fosstodon.org/tags/ClamAV" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClamAV</span></a>, GDM, Salt &amp; more. Keeping your system safe. Ensure you update and use snapper for peace-of-mind rollbacks. Stay secure! <a href="https://fosstodon.org/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://fosstodon.org/tags/openSUSE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openSUSE</span></a> <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://news.opensuse.org/2025/07/03/tw-monthly-update-june/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2025/07/03/t</span><span class="invisible">w-monthly-update-june/</span></a></p>
Hacker News<p>Slowing the flow of core-dump-related CVEs</p><p><a href="https://lwn.net/SubscriberLink/1024160/f18b880c8cd1eef1/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lwn.net/SubscriberLink/1024160</span><span class="invisible">/f18b880c8cd1eef1/</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/Slowing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Slowing</span></a> <a href="https://mastodon.social/tags/the" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>the</span></a> <a href="https://mastodon.social/tags/flow" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>flow</span></a> <a href="https://mastodon.social/tags/of" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>of</span></a> <a href="https://mastodon.social/tags/core" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>core</span></a>-dump-related <a href="https://mastodon.social/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> <a href="https://mastodon.social/tags/core" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>core</span></a>-dump <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> <a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a></p>
Pyrzout :vm:<p>This Week in Security: Roundcube, Unified Threat Naming, and AI Chat Logs <a href="https://hackaday.com/2025/06/06/this-week-in-security-roundcube-unified-threat-naming-and-ai-chat-logs/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/06/06/this-w</span><span class="invisible">eek-in-security-roundcube-unified-threat-naming-and-ai-chat-logs/</span></a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThisWeekinSecurity</span></a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackadayColumns</span></a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityHacks</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> <a href="https://social.skynetcloud.site/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a></p>
Pyrzout :vm:<p>This Week in Security: CIA Star Wars, Git* Prompt Injection and More <a href="https://hackaday.com/2025/05/30/this-week-in-security-cia-star-wars-git-prompt-injection-and-more/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/05/30/this-w</span><span class="invisible">eek-in-security-cia-star-wars-git-prompt-injection-and-more/</span></a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThisWeekinSecurity</span></a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackadayColumns</span></a> <a href="https://social.skynetcloud.site/tags/WindowsRegistry" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WindowsRegistry</span></a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityHacks</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> <a href="https://social.skynetcloud.site/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a></p>
Pyrzout :vm:<p>This Week in Security: Signal DRM, Modern Phone Phreaking, and the Impossible SSH RCE <a href="https://hackaday.com/2025/05/23/this-week-in-security-signal-drm-modern-phone-phreaking-and-the-impossible-ssh-rce/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/05/23/this-w</span><span class="invisible">eek-in-security-signal-drm-modern-phone-phreaking-and-the-impossible-ssh-rce/</span></a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThisWeekinSecurity</span></a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackadayColumns</span></a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityHacks</span></a> <a href="https://social.skynetcloud.site/tags/phreaking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phreaking</span></a> <a href="https://social.skynetcloud.site/tags/recall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>recall</span></a> <a href="https://social.skynetcloud.site/tags/signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>signal</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> <a href="https://social.skynetcloud.site/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a></p>
Pyrzout :vm:<p>This Week in Security: Lingering Spectre, Deep Fakes, and CoreAudio <a href="https://hackaday.com/2025/05/16/this-week-in-security-lingering-spectre-deep-fakes-and-coreaudio/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/05/16/this-w</span><span class="invisible">eek-in-security-lingering-spectre-deep-fakes-and-coreaudio/</span></a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThisWeekinSecurity</span></a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackadayColumns</span></a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityHacks</span></a> <a href="https://social.skynetcloud.site/tags/Spectre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spectre</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> <a href="https://social.skynetcloud.site/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a></p>
Pyrzout :vm:<p>This Week in Security: XRP Poisoned, MCP Bypassed, and More <a href="https://hackaday.com/2025/04/25/this-week-in-security-xrp-poisoned-mcp-bypassed-and-more/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/04/25/this-w</span><span class="invisible">eek-in-security-xrp-poisoned-mcp-bypassed-and-more/</span></a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThisWeekinSecurity</span></a> <a href="https://social.skynetcloud.site/tags/supplychainattack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supplychainattack</span></a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackadayColumns</span></a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityHacks</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> <a href="https://social.skynetcloud.site/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mcp</span></a></p>
Pyrzout :vm:<p>This Week in Security: No More CVEs, 4chan, and Recall Returns <a href="https://hackaday.com/2025/04/18/this-week-in-security-no-more-cves-4chan-and-recall-returns/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/04/18/this-w</span><span class="invisible">eek-in-security-no-more-cves-4chan-and-recall-returns/</span></a> <a href="https://social.skynetcloud.site/tags/ThisWeekinSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThisWeekinSecurity</span></a> <a href="https://social.skynetcloud.site/tags/HackadayColumns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackadayColumns</span></a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityHacks</span></a> <a href="https://social.skynetcloud.site/tags/recall" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>recall</span></a> <a href="https://social.skynetcloud.site/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mitre</span></a> <a href="https://social.skynetcloud.site/tags/Vibes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vibes</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a></p>
Packet-lost soul<p>bye bye CVEs tomorrow 😔 everyone back to bugtraq like the good old days 😉 I actually like how it was done in bugtraq etc <a href="https://en.wikipedia.org/wiki/Bugtraq" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">en.wikipedia.org/wiki/Bugtraq</span><span class="invisible"></span></a> <a href="https://hispagatos.space/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://hispagatos.space/tags/cves" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cves</span></a> <a href="https://hispagatos.space/tags/bugtraq" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bugtraq</span></a> <a href="https://hispagatos.space/tags/usenet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usenet</span></a> <br><a href="https://hispagatos.space/tags/goodoldays" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>goodoldays</span></a> <a href="https://hispagatos.space/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://hispagatos.space/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Peter N. M. Hansteen<p>No Project Is an Island: Why You Need SBOMs and Dependency Management <a href="https://nxdomain.no/~peter/no_project_is_an_island.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nxdomain.no/~peter/no_project_</span><span class="invisible">is_an_island.html</span></a> <a href="https://mastodon.social/tags/sbom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sbom</span></a> <a href="https://mastodon.social/tags/development" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>development</span></a> <a href="https://mastodon.social/tags/dependencies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dependencies</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/cves" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cves</span></a> The system you develop and maintain does not exist in isolation. Providing SBOMs for our work is our way to show we care.</p>
Pyrzout :vm:<p>40,000+ CVEs Published In 2024, Marking A 38% Increase From 2023 <a href="https://cybersecuritynews.com/40000-cves-published-in-2024/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cybersecuritynews.com/40000-cv</span><span class="invisible">es-published-in-2024/</span></a> <a href="https://social.skynetcloud.site/tags/ComputerVulnerabilityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComputerVulnerabilityNews</span></a> <a href="https://social.skynetcloud.site/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/VulnerabilityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a></p>
Norman Wilson<p>Goddamn it, <a href="https://mstdn.ca/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ubuntu</span></a> and <a href="https://mstdn.ca/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Debian</span></a> and everyone involved in reporting <a href="https://mstdn.ca/tags/cves" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cves</span></a>: if your description of the problem is just an obscure sentence or two about kernel subroutine names and detailed code fixes, it's not a useful description at all, and you're not doing your goddamn job.</p><p>Tell me what the impact is. Tell me whether it can be exploited by an unprivileged local user or over the network, and whether the risk is just a crash or resource exhaustion or code insertion. Tell me what I need to know.</p>
Jason Reed<p><span class="h-card" translate="no"><a href="https://mastodon.social/@andrewnez" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>andrewnez</span></a></span> cool concept, I think it would be a big help when triaging reports from the <a href="https://toot.community/tags/DependencyTrack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DependencyTrack</span></a> from <a href="https://toot.community/tags/OWASP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OWASP</span></a>. While I would want to identify critical <a href="https://toot.community/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> I also need to know the likelihood that a less serious CVE has a higher possibility to be targeted.</p>
openSUSE Linux<p>Find out what <a href="https://fosstodon.org/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> were fixed and what <a href="https://fosstodon.org/tags/software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>software</span></a> packages updated in <span class="h-card" translate="no"><a href="https://fosstodon.org/@opensuse" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>opensuse</span></a></span> Tumbleweed during the month of <a href="https://fosstodon.org/tags/March" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>March</span></a>. <a href="https://news.opensuse.org/2024/03/28/tw-monthly-update-march/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2024/03/28/t</span><span class="invisible">w-monthly-update-march/</span></a></p>
Julien M.<blockquote>Posts on <a class="hashtag" href="https://pleroma.autogeree.net/tag/hackernews" rel="nofollow noopener" target="_blank">#HackerNews</a> from someone who says they work for <a class="hashtag" href="https://pleroma.autogeree.net/tag/f5" rel="nofollow noopener" target="_blank">#F5</a>, suggests this is down to <a class="hashtag" href="https://pleroma.autogeree.net/tag/f5" rel="nofollow noopener" target="_blank">#F5</a> allocating <a class="hashtag" href="https://pleroma.autogeree.net/tag/cves" rel="nofollow noopener" target="_blank">#CVEs</a> to security bugs, and Maxim not wanting that to happen, with some nuance around the features with the security bugs being experimental in nature.<br></blockquote><a href="https://news.ycombinator.com/item?id=39374327" rel="nofollow noopener" target="_blank">https://news.ycombinator.com/item?id=39374327</a><br><a href="https://news.ycombinator.com/item?id=39374312" rel="nofollow noopener" target="_blank">https://news.ycombinator.com/item?id=39374312</a>
openSUSE Linux<p>Major updates hit <span class="h-card" translate="no"><a href="https://fosstodon.org/@opensuse" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>opensuse</span></a></span> Tumbleweed! <a href="https://fosstodon.org/tags/pipewire" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pipewire</span></a>'s 1.0 'El Presidente' struts in, along with <a href="https://fosstodon.org/tags/firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>firefox</span></a> 120.0! Presidential <a href="https://fosstodon.org/tags/pipewire" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pipewire</span></a> brings audio magic while <a href="https://fosstodon.org/tags/firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>firefox</span></a> squashes <a href="https://fosstodon.org/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a>. <a href="https://news.opensuse.org/2023/11/30/major-version-of-pipewire-ff-arrive-in-tw/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.opensuse.org/2023/11/30/m</span><span class="invisible">ajor-version-of-pipewire-ff-arrive-in-tw/</span></a></p>
Harry Sintonen<p><span class="h-card"><a href="https://chaos.social/@icing" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>icing</span></a></span> I can't see that being a solution. <a href="https://infosec.exchange/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> should be assigned and must be made public to be able to refer to things with specific identifiers.</p><p>I still think that in general the CVE system works great. In most cases the researchers and projects are doing a great job assigning the suggested rating, too. I don't know what is going wrong with <a href="https://infosec.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> with their wildly erratic <a href="https://infosec.exchange/tags/CVSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVSS</span></a> assignment, but that seems to be the biggest problem here.</p><p>To be fair, there are issues elsewhere as well, but <a href="https://infosec.exchange/tags/NVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NVD</span></a> seems to have been popping up a lot recently with these obviously incorrect ratings. I'm afraid there is little that can be done outside of <a href="https://infosec.exchange/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NIST</span></a> to fix this.</p>
Fabian ¯\_(ツ)_/¯<p>Next up at <a href="https://chaos.social/tags/kubecon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubecon</span></a>: "The next log4shell?! - Preparing for <a href="https://chaos.social/tags/CVEs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEs</span></a> with <a href="https://chaos.social/tags/eBPF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eBPF</span></a>!". Already looking forward to listening to it.</p>
K. Reid Wightman :verified: 🌻 :donor:<p>In addition to duplicate CVEs, 'the industry' also has some amusing CVE mis-assignment.</p><p>Recently CVE-2017-9833 and CVE-2021-33558 were brought up as attack vectors in a campaign against liquefied natural gas victims.</p><p>Both CVEs, it turns out, are mis-attributed to the open source Boa webserver. I am pretty darned confident that neither CVE actually applies to the Boa codebase. And I'm not the only one to notice (see all the way at the end, some actually famous infosec friend noticed one of them). </p><p>Let's take a look:</p><p>CVE-2017-9833 is stated to be a vulnerability in Boa webserver 0.94.14rc21. The vulnerability description ( <a href="https://nvd.nist.gov/vuln/detail/CVE-2017-9833" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nvd.nist.gov/vuln/detail/CVE-2</span><span class="invisible">017-9833</span></a> ) is very odd though: apparently it is a directory traversal in a specific CGI handler called /cgi-bin/wapopen . The variable itself is called 'FILECAMERA'. This appears to be a vulnerability in a specific IP camera, not Boa itself. To wit, you can retrieve the original source package for Boa 0.94.14rc21 and search all of the files for the variable 'FILECAMERA' and there is no mention of this variable. Of course it would be very odd for a generic web server to include any cgi handlers — sure you’d expect a generic mechanism to bolt on your own CGI applications but unless there is some ‘test’ application for demonstrating CGI, we wouldn’t expect such a vulnerability to be in the web server itself. A quick check of exposed webservers for the /cgi-bin/wapopen URL shows that they 404 (as we’d expect).</p><p>CVE-2021-33558 is likewise very odd. It is stated to be a vulnerability in Boa webserver 0.94.13. The minimal writeup and public proof of concept just indicate that a few HTML and JS files are exposed without authentication. Again, these are files that are on some specific device firmware. Boa itself does not include a ‘backup.html’ or a ‘preview.html’ or ‘js/log.js’, or any of the files included in the advisory. This is a mistake in one particular device, not in Boa itself. And again if we try to load some of these files on generic Boa webservers, we get a 404.</p><p>Fixing all of this in the public literature is likely an impossible task since we are not the original researchers? First we have to identify exactly what devices the researchers were looking at, and then get those researchers to publish new advisories I guess. In the case of CVE-2017-9833, the researcher has no public point of contact, which is unfortunate. In the case of CVE-2021-33558, our friend attrition (does anyone know if he’s on some mastodon instance?) already tried to get some confirmation because they spotted the same thing we did. There doesn’t seem to be any update though ( <a href="https://github.com/mdanzaruddin/CVE-2021-33558./issues/1" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/mdanzaruddin/CVE-20</span><span class="invisible">21-33558./issues/1</span></a> ).</p><p>The bigger picture? If we toss a firmware with Boa into a vulnerability scanning tool, or even run a network scanning tool against a device with Boa, it’s probably going to flag the web server as vulnerable even though it isn’t. And that’s almost not the scanning tool’s fault: it’s really a problem with CVE mis-assignment.</p><p>If you made it this far, thanks for listening to my rant. ⭐</p><p><a href="https://infosec.exchange/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> <a href="https://infosec.exchange/tags/cves" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cves</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/sbom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sbom</span></a></p>