#cve

anonymiss@despora.de

#LLM Agents can Autonomously #Exploit One-day Vulnerabilities

Source: https://arxiv.org/abs/2404.08144

To show this, we collected a dataset of 15 one-day vulnerabilities that include ones categorized as critical severity in the #CVE description. When given the CVE description, GPT-4 is capable of exploiting 87% of these vulnerabilities compared to 0% for every other model we test (GPT-3.5, open-source LLMs) and open-source vulnerability scanners (ZAP and #Metasploit).

#ai #technology #Software #chatgpt #bug #hack #news #cybersecurity

tresronours@parlote.facil.services

Critical Apache OfBiz Zero-Day Let Attackers Bypass Authentication

A new vulnerability has been discovered in Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system.

Apache OfBiz is used as a part of the software supply chain in Atlassian’s JIRA, which is predominantly used in several organizations. This vulnerability was a bypass to a previously discovered vulnerability, CVE-2023-49070.

Since the root issue of CVE-2023-49070 was left open, a bypass has been discovered as a workaround for the patch. This new vulnerability has been assigned CVE-2023-51467, and the severity has been given as 9.8 (Critical).

Apache OfBiz Zero-Day

CVE-2023-49070 was a pre-auth RCE vulnerability due to the presence of XML-RPC, which is no longer maintained. However, the released patch only removed the XML-RPC code from the application, which was open for an authentication bypass.

Test Cases

There were two test cases for exploiting this vulnerability—the first one involved including the requirePasswordChange=Y in the URI with empty USERNAME and PASSWORD parameters.

Due to the misconfiguration of the login condition block, the application resulted in the checkLogin function returning with a “success,” leading to the authentication bypass.

[#CVE](https://twitter.com/hashtag/CVE?src=hash&ref_src=twsrc%5Etfw)-2023-49070 Pre-auth RCE Apache Ofbiz 18.12.09 [#POC](https://twitter.com/hashtag/POC?src=hash&ref_src=twsrc%5Etfw): /webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y Ref: [https://t.co/NSgI7IQckp](https://t.co/NSgI7IQckp) cc to me. [pic.twitter.com/SHOkhzlH09](https://t.co/SHOkhzlH09)

— Siebene@ (@Siebene7) [December 5, 2023](https://twitter.com/Siebene7/status/1731870759130427726?ref_src=twsrc%5Etfw)

The second test case was similar to the first one, with slightly changing parameters. The USERNAME and PASSWORD parameters are submitted with invalid values.

However, the checkLogin function flow did not enter into the conditional block, which resulted in the authentication being bypassed.

[#CVE](https://twitter.com/hashtag/CVE?src=hash&ref_src=twsrc%5Etfw)-2023-49070 Apache Ofbiz XML-RPC [#RCE](https://twitter.com/hashtag/RCE?src=hash&ref_src=twsrc%5Etfw) Affected Versions: < 18.12.10 [pic.twitter.com/9QfiCty04f](https://t.co/9QfiCty04f)

— M4rtin Hsu (@0xf4n9x) [December 6, 2023](https://twitter.com/_0xf4n9x_/status/1732289811665559775?ref_src=twsrc%5Etfw)

This vulnerability has a publicly available exploit, which penetration testers and security engineers can use to test if the vulnerability exists on their application.

Furthermore, a complete report about this vulnerability has been published by SonicWall, providing detailed information about the code analysis, exploitation, and other information.

Apache OfBiz has fixed this vulnerability in version 18.12.11 and newer. Users of Apache OfBiz are recommended to upgrade to the latest version of this software to prevent this vulnerability from getting exploited by threat actors.

The post Critical Apache OfBiz Zero-Day Let Attackers Bypass Authentication appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder
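
Both test cases described in the post above place requirePasswordChange=Y in the request URI, so attempts are visible in web access logs. The following Python code is an added example, not part of the original post or of any vendor report; the log lines, IP addresses, the `/example/...` path and the function names `classify` and `scan` are constructed for illustration, and parameter names are matched case-insensitively as a conservative assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [05/Dec/2023:10:01:02 +0000] "GET /example/control/view HTTP/1.1" 200 5120
203.0.113.9 - - [05/Dec/2023:10:02:11 +0000] "POST /webtools/control/xmlrpc;/?USERNAME=&PASSWORD=s&requirePasswordChange=Y HTTP/1.1" 200 310
198.51.100.4 - - [05/Dec/2023:10:03:40 +0000] "GET /webtools/control/xmlrpc?USERNAME=x&PASSWORD=y&requirepasswordchange=y HTTP/1.1" 200 48
198.51.100.5 - - [05/Dec/2023:10:04:00 +0000] "GET /example/control/login?USERNAME=admin HTTP/1.1" 200 900
"""

# Client address, request target and status code of one log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:[A-Z]+) (\S+) HTTP/[\d.]+" (\d{3})')


def classify(uri):
    """Return a reason string if the URI carries requirePasswordChange=Y, else None."""
    query = urlsplit(uri).query
    # keep_blank_values keeps "USERNAME=" so empty credentials stay visible.
    params = {k.lower(): v
              for k, v in parse_qs(query, keep_blank_values=True).items()}
    flags = [v.lower() for v in params.get("requirepasswordchange", [])]
    if "y" not in flags:
        return None
    creds = params.get("username", []) + params.get("password", [])
    if any(value == "" for value in creds):
        return "requirePasswordChange=Y with empty credential parameter"
    return "requirePasswordChange=Y in query string"


def scan(log_text):
    """Return (client, path, status, reason) for every flagged request."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue  # not a request line in the expected format
        client, uri, status = match.groups()
        reason = classify(uri)
        if reason:
            findings.append((client, urlsplit(uri).path, int(status), reason))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Parameters sent in a POST body do not appear in access logs, so this covers only the query-string form shown on this page. A hit records an attempt, not a successful bypass.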

anonymiss@despora.de

CVE-2020-19909 is everything that is wrong with CVEs

source: https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/

This is a story consisting of several little building blocks and they occurred spread out in time and in different places. It is a story that shows with clarity how our current #system with #CVE Ids and lots of power given to #NVD is a completely broken system.

#software #security #problem #bug #risk #news #fail