all InfoSec news
Brute-Forcing POP3 and CVE-2017–7494 is_known_pipename()
May 15, 2024, 4:47 p.m. | David Eduardo Karpinski
System Weakness - Medium systemweakness.com
All right, guys. Today I want to share with you how I was able to arbitrarily read e-mails with sensitive information from a Dovecot server by exploiting Samba is_known_pipename() Arbitrary Module Load vulnerability.
CVE-2017–7494: is_known_pipename()
This module triggers an arbitrary shared library load vulnerability in Samba versions 3.5.0 to 4.4.14, 4.5.10, and 4.6.4. This module requires valid credentials, a writeable folder in an accessible share, and knowledge of the server-side path of the writeable folder. In some cases, anonymous access …More from systemweakness.com / System Weakness - Medium
Analyzing WSH RAT
1 day, 13 hours ago |
systemweakness.com
The Essential Cybersecurity Mindset
1 day, 13 hours ago |
systemweakness.com
Secure Architecture: Infrastructure Controls
1 day, 13 hours ago |
systemweakness.com
Data Breaching in Secure Companies
1 day, 13 hours ago |
systemweakness.com
How Prompt Injection Can Steal Your Data
3 days, 17 hours ago |
systemweakness.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC