VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
name: WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure
5
+
author: arafatansari
6
+
severity: high
7
+
description: |
8
+
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
name: Zimbra Collaboration Suite - Unauthenticated RCE
5
+
author: _0xf4n9x_,For3stCo1d
6
+
severity: critical
7
+
description: |
8
+
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. This issue exists because of an incomplete fix for CVE-2022-27925.
Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system in Python, in high interaction mode (proxy) it functions as an SSH and telnet proxy to observe attacker behavior to another system.
Rsync is a fast and extraordinarily versatile file copying tool. It can copy locally, to/from another host over any remote shell, or to/from a remote rsync daemon.
The "EXPN" can be used by attackers to learn about valid usernames on the target system. On some SMTP servers, EXPN can be used to show the subscribers of a mailing list subscription lists are generally considered to be sensitive information.
Using the Internet's File Transfer Protocol (FTP), anonymous FTP is a method for giving users access to files so that they don't need to identify themselves to the server.
iPlanet Messaging Server is a powerful, standards-based Internet messaging server designed for high-capacity, reliable handling of the messaging needs.
A security vulnerability in the Remote Method Invocation component of the Java Runtime Environment allows unauthenticated network attacks which can result in unauthorized operating system takeover including arbitrary code execution.
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options.
SMB (Server Message Block) is a network-layered protocol mainly used on Windows for sharing files, printers, and communication between network-attached computers. SMB related vulnerabilities can be levaraged to comprimise large-scale systems.
SMTP is part of the application layer of the TCP/IP protocol. Using a process called “store and forward,” SMTP moves your email on and across networks.
STARTTLS is an email protocol command that tells an email server that an email client, including an email client running in a web browser, wants to turn an existing insecure connection into a secure one.
Anonymous FTP access allows anyone to access your public_ftp folder, allowing unidentified visitors to download (and possibly upload) files on your website. Anonymous FTP creates the potential for a security hole for hackers and is not recommended.
The IIOP (Internet Inter-ORB Protocol) protocol makes it possible for distributed programs written in different programming languages to communicate over the Internet.
The notion of a "cluster" or "fleet" of instances that may be serving the same site and sharing certificates, etc, is tied to storage. Simply, any instances that use the same storage facilities are considered part of the cluster. So if you deploy 100 instances of CertMagic behind a load balancer, they are all part of the same cluster if they share the same storage configuration. Sharing storage could be mounting a shared folder, or implementing some other distributed storage system such as a database server or KV store.
447
447
448
-
The easiest way to change the storage being used is to set `certmagic.DefaultStorage` to a value that satisfies the [Storage interface](https://pkg.go.dev/github.com/caddyserver/certmagic?tab=doc#Storage). Keep in mind that a valid `Storage` must be able to implement some operations atomically in order to provide locking and synchronization.
448
+
The easiest way to change the storage being used is to set `certmagic.Default.Storage` to a value that satisfies the [Storage interface](https://pkg.go.dev/github.com/caddyserver/certmagic?tab=doc#Storage). Keep in mind that a valid `Storage` must be able to implement some operations atomically in order to provide locking and synchronization.
449
449
450
450
If you write a Storage implementation, please add it to the [project wiki](https://github.com/caddyserver/certmagic/wiki/Storage-Implementations) so people can find it!
451
451
skipped 2 lines
454
454
455
455
All of the certificates in use are de-duplicated and cached in memory for optimal performance at handshake-time. This cache must be backed by persistent storage as described above.
456
456
457
-
Most applications will not need to interact with certificate caches directly. Usually, the closest you will come is to set the package-wide `certmagic.DefaultStorage` variable (before attempting to create any Configs). However, if your use case requires using different storage facilities for different Configs (that's highly unlikely and NOT recommended! Even Caddy doesn't get that crazy), you will need to call `certmagic.NewCache()` and pass in the storage you want to use, then get new `Config` structs with `certmagic.NewWithCache()` and pass in the cache.
457
+
Most applications will not need to interact with certificate caches directly. Usually, the closest you will come is to set the package-wide `certmagic.Default.Storage` variable (before attempting to create any Configs)whichdefineshowthecacheispersisted. However, if your use case requires using different storage facilities for different Configs (that's highly unlikely and NOT recommended! Even Caddy doesn't get that crazy), you will need to call `certmagic.NewCache()` and pass in the storage you want to use, then get new `Config` structs with `certmagic.NewWithCache()` and pass in the cache.
458
458
459
459
Again, if you're needing to do this, you've probably over-complicated your application design.
GFNI // Galois Field New Instructions.Mayrequireotherfeatures(AVX,AVX512VL,AVX512F)basedonusage.
115
118
HLE // Hardware Lock Elision
119
+
HRESET // If set CPU supports history reset and the IA32_HRESET_ENABLE MSR
116
120
HTT // Hyperthreading (enabled)
117
121
HWA // Hardware assert supported. Indicates support for MSRC001_10
118
122
HYPERVISOR // This bit has been reserved by Intel & AMD for use by hypervisors
skipped 7 lines
126
130
IBSOPSAM // Instruction Based Sampling Feature (AMD)
127
131
IBSRDWROPCNT // Instruction Based Sampling Feature (AMD)
128
132
IBSRIPINVALIDCHK // Instruction Based Sampling Feature (AMD)
133
+
IBS_PREVENTHOST // Disallowing IBS use by the host supported
129
134
INT_WBINVD // WBINVD/WBNOINVD are interruptible.
130
135
INVLPGB // NVLPGB and TLBSYNC instruction supported
131
136
LAHF // LAHF/SAHF in long mode
137
+
LAM // If set, CPU supports Linear Address Masking
138
+
LBRVIRT // LBR virtualization
132
139
LZCNT // LZCNT instruction
133
140
MCAOVERFLOW // MCA overflow recovery support.
134
141
MCOMMIT // MCOMMIT instruction supported
skipped 2 lines
137
144
MOVBE // MOVBE instruction (big-endian)
138
145
MOVDIR64B // Move 64 Bytes as Direct Store
139
146
MOVDIRI // Move Doubleword as Direct Store
147
+
MOVSB_ZL // Fast Zero-Length MOVSB
140
148
MPX // Intel MPX (Memory Protection Extensions)
141
149
MSRIRC // Instruction Retired Counter MSR available
150
+
MSR_PAGEFLUSH // Page Flush MSR available
151
+
NRIPS // Indicates support for NRIP save on VMEXIT
142
152
NX // NX (No-Execute) bit
143
153
OSXSAVE // XSAVE enabled by OS
154
+
PCONFIG // PCONFIG for Intel Multi-Key Total Memory Encryption
144
155
POPCNT // POPCNT instruction
145
156
RDPRU // RDPRU instruction supported
146
157
RDRAND // RDRAND instruction is available
skipped 3 lines
150
161
RTM_ALWAYS_ABORT // Indicates that the loaded microcode is forcing RTM abort.
151
162
SCE // SYSENTER and SYSEXIT instructions
152
163
SERIALIZE // Serialize Instruction Execution
164
+
SEV // AMD Secure Encrypted Virtualization supported
165
+
SEV_64BIT // AMD SEV guest execution only allowed from a 64-bit host
166
+
SEV_ALTERNATIVE // AMD SEV Alternate Injection supported
167
+
SEV_DEBUGSWAP // Full debug state swap supported for SEV-ES guests
168
+
SEV_ES // AMD SEV Encrypted State supported
169
+
SEV_RESTRICTED // AMD SEV Restricted Injection supported
170
+
SEV_SNP // AMD SEV Secure Nested Paging supported
153
171
SGX // Software Guard Extensions
154
172
SGXLC // Software Guard Extensions Launch Control
155
173
SHA // Intel SHA Extensions
174
+
SME // AMD Secure Memory Encryption supported
175
+
SME_COHERENT // AMD Hardware cache coherency across encryption domains enforced
156
176
SSE // SSE functions
157
177
SSE2 // P4 SSE functions
158
178
SSE3 // Prescott SSE3 functions
skipped 2 lines
161
181
SSE4A // AMD Barcelona microarchitecture SSE4a instructions
162
182
SSSE3 // Conroe SSSE3 functions
163
183
STIBP // Single Thread Indirect Branch Predictors
184
+
STOSB_SHORT // Fast short STOSB
164
185
SUCCOR // Software uncorrectable error containment and recovery capability.
186
+
SVM // AMD Secure Virtual Machine
187
+
SVMDA // Indicates support for the SVM decode assists.
188
+
SVMFBASID // SVM, Indicates that TLB flush events, including CR3 writes and CR4.PGE toggles, flush only the current ASID's TLB entries. Also indicates support for the extended VMCBTLB_Control
189
+
SVML // AMD SVM lock. Indicates support for SVM-Lock.
190
+
SVMNP // AMD SVM nested paging
191
+
SVMPF // SVM pause intercept filter. Indicates support for the pause intercept filter
192
+
SVMPFT // SVM PAUSE filter threshold. Indicates support for the PAUSE filter cycle count threshold
165
193
TBM // AMD Trailing Bit Manipulation
194
+
TME // Intel Total Memory Encryption. The following MSRs are supported: IA32_TME_CAPABILITY, IA32_TME_ACTIVATE, IA32_TME_EXCLUDE_MASK, and IA32_TME_EXCLUDE_BASE.
195
+
TSCRATEMSR // MSR based TSC rate control. Indicates support for MSR TSC ratio MSRC000_0104
This package is effectively in maintenance mode and is not actively developed. Small patches and features are only rarely reviewed and merged. We recommend using [pgx](https://github.com/jackc/pgx) which is actively maintained.
30
+
This package is currently in maintenance mode, which means:
31
+
1. It generally does not accept new features.
32
+
2. It does accept bug fixes and version compatability changes provided by the community.
33
+
3. Maintainers usually do not resolve reported issues.
34
+
4. Community members are encouraged to help each other with reported issues.
35
+
36
+
For users that require new features or reliable resolution of reported bugs, we recommend using [pgx](https://github.com/jackc/pgx) which is under active development.
ErrInFailedTransaction = errors.New("pq: Could not complete operation in a failed transaction")
33
33
ErrSSLNotSupported = errors.New("pq: SSL is not enabled on the server")
34
-
ErrSSLKeyHasWorldPermissions = errors.New("pq: Private key file has group or world access. Permissions should be u=rw (0600) or less")
35
-
ErrCouldNotDetectUsername = errors.New("pq: Could not detect default username. Please provide one explicitly")
34
+
ErrSSLKeyUnknownOwnership = errors.New("pq: Could not get owner information for private key, may not be properly protected")
35
+
ErrSSLKeyHasWorldPermissions = errors.New("pq: Private key has world access. Permissions should be u=rw,g=r (0640) if owned by root, or u=rw (0600), or less")
36
+
37
+
ErrCouldNotDetectUsername = errors.New("pq: Could not detect default username. Please provide one explicitly")
The `acmez` package is "bring-your-own-solver." It provides helper utilities for http-01, dns-01, and tls-alpn-01 challenges, but does not actually solve them for you. You must write an implementation of `acmez.Solver` in order to get certificates. How this is done depends on the environment in which you're using this code.
35
+
36
+
## Examples
37
+
38
+
See the [`examples` folder](https://github.com/mholt/acmez/tree/master/examples) for tutorials on how to use either package. **Most users should follow the [porcelain guide](https://github.com/mholt/acmez/blob/master/examples/porcelain/main.go).**
36
39
37
-
This is not a command line utility either. The goal is to not add more external tooling to already-complex infrastructure: ACME and TLS should be built-in to servers rather than tacked on as an afterthought.
38
40
41
+
## Challenge solvers
39
42
40
-
## Examples
43
+
The `acmez` package is "bring-your-own-solver." It provides helper utilities for http-01, dns-01, and tls-alpn-01 challenges, but does not actually solve them for you. You must write or use an implementation of [`acmez.Solver`](https://pkg.go.dev/github.com/mholt/acmez#Solver) in order to get certificates. How this is done depends on your environment/situation.
44
+
45
+
However, you can find [a general-purpose dns-01 solver in CertMagic](https://pkg.go.dev/github.com/caddyserver/certmagic#DNS01Solver), which uses [libdns](https://github.com/libdns) packages to integrate with numerous DNS providers. You can use it like this:
See the `examples` folder for tutorials on how to use either package.
60
+
If you're implementing a tls-alpn-01 solver, the `acmez` package can help. It has the constant [`ACMETLS1Protocol`](https://pkg.go.dev/github.com/mholt/acmez#pkg-constants) which you can use to identify challenge handshakes by inspecting the ClientHello's ALPN extension. Simply complete the handshake using a certificate from the [`acmez.TLSALPN01ChallengeCert()`](https://pkg.go.dev/github.com/mholt/acmez#TLSALPN01ChallengeCert) function to solve the challenge.