Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Diaries by Keyword Diaries by Keyword

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

CVE 2014 0160

2014-04-08Guy BruneauOpenSSL CVE-2014-0160 Fixed

CVE

2021-02-24/a>Brad DuncanMalspam pushes GuLoader for Remcos RAT
2021-01-11/a>Rob VandenBrinkUsing the NVD Database and API to Keep Up with Vulnerabilities and Patches - Tool Drop: CVEScan (Part 3 of 3)
2021-01-07/a>Rob VandenBrinkUsing the NIST Database and API to Keep Up with Vulnerabilities and Patches (Part 1 of 3)
2021-01-07/a>Rob VandenBrinkDirectly related to today's main story on CPE/CVEs - Code Exec in Cisco Jabber, all platforms https://nvd.nist.gov/vuln/detail/CVE-2020-26085
2020-12-18/a>Jan KoprivaA slightly optimistic tale of how patching went for CVE-2019-19781
2020-11-21/a>Guy BruneauVMware privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005) - https://www.vmware.com/security/advisories/VMSA-2020-0026.html
2020-11-16/a>Jan KoprivaHeartbleed, BlueKeep and other vulnerabilities that didn't disappear just because we don't talk about them anymore
2020-10-29/a>Johannes UllrichPATCH NOW: CVE-2020-14882 Weblogic Actively Exploited Against Honeypots
2020-10-28/a>Jan KoprivaSMBGhost - the critical vulnerability many seem to have forgotten to patch
2020-08-08/a>Guy BruneauScanning Activity Include Netcat Listener
2020-08-04/a>Johannes UllrichReminder: Patch Cisco ASA / FTD Devices (CVE-2020-3452). Exploitation Continues
2020-07-22/a>Rick WannerA few IoCs related to CVE-2020-5902
2020-07-15/a>Johannes UllrichPATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability
2020-07-06/a>Johannes UllrichSummary of CVE-2020-5902 F5 BIG-IP RCE Vulnerability Exploits
2020-05-28/a>Xavier MertensFlashback on CVE-2019-19781
2020-05-14/a>Rob VandenBrinkPatch Tuesday Revisited - CVE-2020-1048 isn't as "Medium" as MS Would Have You Believe
2020-01-16/a>Bojan ZdrnjaSumming up CVE-2020-0601, or the Let?s Decrypt vulnerability
2020-01-15/a>Johannes UllrichCVE-2020-0601 Followup
2020-01-13/a>Didier StevensCitrix ADC Exploits: Overview of Observed Payloads
2020-01-11/a>Johannes UllrichCitrix ADC Exploits are Public and Heavily Used. Attempts to Install Backdoor
2020-01-07/a>Johannes UllrichA Quick Update on Scanning for CVE-2019-19781 (Citrix ADC / Gateway Vulnerability)
2019-11-06/a>Brad DuncanMore malspam pushing Formbook
2019-06-19/a>Johannes UllrichCritical Actively Exploited WebLogic Flaw Patched CVE-2019-2729
2019-05-22/a>Johannes UllrichAn Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps]
2019-04-28/a>Johannes UllrichUpdate about Weblogic CVE-2019-2725 (Exploits Used in the Wild, Patch Status)
2019-03-09/a>Guy BruneauA Comparison Study of SSH Port Activity - TCP 22 & 2222
2019-02-02/a>Guy BruneauScanning for WebDAV PROPFIND Exploiting CVE-2017-7269
2018-08-20/a>Didier StevensOpenSSH user enumeration (CVE-2018-15473)
2018-05-22/a>Guy BruneauVMware updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue - https://www.vmware.com/security/advisories/VMSA-2018-0012.html
2018-05-04/a>Lorna HutchesonVulnerabilities on the Rise?
2017-12-30/a>Xavier Mertens2017, The Flood of CVEs
2017-05-18/a>Xavier MertensMy Little CVE Bot
2016-10-22/a>Guy BruneauRequest for Packets TCP 4786 - CVE-2016-6385
2016-07-17/a>Guy BruneauJuniper -> Junos: Self-signed certificate with spoofed trusted Issuer CN accepted as valid - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10755&actp=search
2016-02-13/a>Guy BruneauVMware VMSA-2015-0007.3 has been Re-released
2016-01-31/a>Guy BruneauOpenSSL 1.0.2 Advisory and Update
2016-01-30/a>Xavier MertensAll CVE Details at Your Fingertips
2015-07-12/a>Guy BruneauPHP 5.x Security Updates
2015-06-16/a>John BambenekCVE-2014-4114 and an Interesting AV Bypass Technique
2015-04-15/a>Johannes UllrichMS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW
2015-01-27/a>Johannes UllrichNew Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)
2014-09-25/a>Johannes UllrichUpdate on CVE-2014-6271: Vulnerability in bash (shellshock)
2014-09-24/a>Pedro BuenoAttention *NIX admins, time to patch!
2014-06-12/a>Guy BruneauBIND Security Update for CVE-2014-3859
2014-06-12/a>Johannes UllrichMetasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-04-08/a>Guy BruneauOpenSSL CVE-2014-0160 Fixed
2014-03-24/a>Johannes UllrichNew Microsoft Advisory: Unpatched Word Flaw used in Targeted Attacks
2014-03-02/a>Stephen HallSymantec goes yellow
2013-10-01/a>John Bambenek*Metaspoit Releases Module to Exploit Unpatched IE Vuln CVE-2013-3893
2013-09-20/a>Russ McReeThreat Level Yellow: Protection recommendations regarding Internet Explorer exploits in the wild
2013-08-16/a>Kevin ListonCVE-2013-2251 Apache Struts 2.X OGNL Vulnerability
2013-06-01/a>Guy BruneauExploit Sample for Win32/CVE-2012-0158
2013-05-20/a>Guy BruneauSafe - Tools, Tactics and Techniques
2013-05-09/a>Johannes UllrichMicrosoft released a Fix-it for the Internet Explorer 8 Vulnerability http://support.microsoft.com/kb/2847140
2013-02-11/a>John BambenekOpenSSL 1.0.1e Released with Corrected fix for CVE-2013-1069, more here: http://www.openssl.org/
2013-01-19/a>Guy BruneauJava 7 Update 11 Still has a Flaw
2013-01-04/a>Guy Bruneau"FixIt" Patch for CVE-2012-4792 Bypassed
2012-09-23/a>Tony CarothersUpdate for CVE-2012-3132
2012-06-20/a>Raul SilesCVE-2012-0217 (from MS12-042) applies to other environments too
2012-06-18/a>Guy BruneauCVE-2012-1875 exploit is now available
2012-05-25/a>Guy BruneauTechnical Analysis of Flash Player CVE-2012-0779
2012-04-19/a>Kevin ShorttOpenSSL Security Advisory - CVE-2012-2110
2012-02-09/a>Richard PorterDNS Ghost Domains, How I loath you so!
2012-01-12/a>Rob VandenBrinkPHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header)
2011-10-06/a>Rob VandenBrinkApache HTTP Server mod_proxy reverse proxy issue
2011-05-27/a>Kevin ListonManaging CVE-0
2011-04-28/a>Chris MohanGathering and use of location information fears - or is it all a bit too late
2011-02-23/a>Manuel Humberto Santander PelaezBind DOS vulnerability (CVE-2011-0414)
2010-11-16/a>Guy Bruneau OpenSSL TLS Extension Parsing Race Condition
2010-10-30/a>Guy BruneauSecurity Update for Shockwave Player
2010-10-28/a>Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-09-17/a>Robert DanfordCirca 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
2010-09-13/a>Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-12/a>Manuel Humberto Santander PelaezAdobe Acrobat pushstring Memory Corruption paper
2010-09-08/a>John BambenekAdobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-08-25/a>Pedro BuenoAdobe released security update for Shockwave player that fix several CVEs: APSB1020
2010-07-20/a>Manuel Humberto Santander PelaeziTunes buffer overflow vulnerability
2010-06-15/a>Manuel Humberto Santander PelaezMicrosoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-01-19/a>Jim ClausingThe IE saga continues, out-of-cycle patch coming soon
2010-01-15/a>Kevin ListonExploit code available for CVE-2010-0249
2010-01-12/a>Adrien de BeauprePoC for CVE-2009-0689 MacOS X 10.5/10.6 vulnerability
2010-01-04/a>Bojan ZdrnjaSophisticated, targeted malicious PDF documents exploiting CVE-2009-4324
2009-05-28/a>Stephen HallMicrosoft DirectShow vulnerability

2014

2020-10-29/a>Johannes UllrichPATCH NOW: CVE-2020-14882 Weblogic Actively Exploited Against Honeypots
2015-06-16/a>John BambenekCVE-2014-4114 and an Interesting AV Bypass Technique
2014-09-25/a>Johannes UllrichUpdate on CVE-2014-6271: Vulnerability in bash (shellshock)
2014-09-24/a>Pedro BuenoAttention *NIX admins, time to patch!
2014-09-22/a>Johannes UllrichCyber Security Awareness Month: What's your favorite/most scary false positive
2014-06-30/a>Johannes UllrichShould I setup a Honeypot? [SANSFIRE]
2014-06-12/a>Johannes UllrichMetasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-05-23/a>Richard PorterHighlights from Cisco Live 2014 - The Internet of Everything
2014-04-08/a>Guy BruneauOpenSSL CVE-2014-0160 Fixed
2014-03-24/a>Johannes UllrichNew Microsoft Advisory: Unpatched Word Flaw used in Targeted Attacks
2014-03-02/a>Stephen HallSymantec goes yellow

0160

2016-01-31/a>Guy BruneauOpenSSL 1.0.2 Advisory and Update
2014-04-08/a>Guy BruneauOpenSSL CVE-2014-0160 Fixed