CVE-2008-0166
- 2 Posts
- 418 Interactions
CVE Info
Fediverse
Today, 16 years ago, Debian published a security advisory announcing CVE-2008-0166, a severe bug in their OpenSSL package that effectively broke the random number generator and limited the key space to a few ten thousand keys. The vulnerability affected Debian+Ubuntu between 2006 and 2008. In 2007, an email signature system called DKIM was introduced. Is it possible that people configured DKIM in 2007, never changed their key, and are still vulnerable to CVE-2008-0166? https://16years.secvuln.info/
Reason #2,391 why revisiting security assumptions is always a good idea.
[Bimi] No cryptographic connection between VMC and DKIM key
https://mailarchive.ietf.org/arch/msg/bimi/Ba3jFfJ8K6ic7qg4DzPsIsGW5UY/
My favorite part:
"I guess some may consider what I just said as an unimportant or a merely theoretical issue, so I would like to illustrate it with an example. Let's take the domain entrust.com. It has a DKIM key
configured at "dkim._domainkey.entrust.com". The TXT record is the following:
"v=DKIM1; k=rsa;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyGF0xzO7Eig1H8QdIErjEKOGnIVvoLU5VjcMRBRWZK65NinL+gVnjuMD2mYdjC3f+7sQCWxGDSKIFn/bB+iXxO2x1/ktkwXHQfQ/9FcFuy+LE0Snsm0SwXN/2l1m5f9e1xdswC+dzHt6DIpDSDENsRal019YKQTqwVyB++7QORwIDAQAB"
This is a 1024 bit RSA key, which is not up to modern standards. But breaking 1024 bit RSA is still only feasible for very powerful attackers. However, this key has another problem: it is vulnerable to
the Debian OpenSSL bug (CVE-2008-0166). It is trivially possible to
find the private key (you can use my tool badkeys -
https://badkeys.info/ - to do that):
https://github.com/badkeys/debianopenssl/blob/main/rsa1024/ssl/le32/25731-rnd.key"
CVE-2023-49606
- 2 Posts
- 1 Interaction
CVE Info
Fediverse
52.000 server Tinyproxy esposti: Scoperta vulnerabilità RCE critica CVE-2023-49606
Più di 52.000 host Tinyproxy che si possono trovare su Internet sono vulnerabili alla vulnerabilità critica RCE CVE-2023-49606, recentemente scoperta in un server proxy open source. Tinyproxy è un server proxy open source per HTTP e HTTPS progettato per essere veloce e leggero. È progettato per i sistemi UNIX ed è ampiamente utilizzato da piccole […]
L'articolo 52.000 server Tinyproxy esposti: Scoperta vulnerabilità RCE critica CVE-2023-49606 proviene da il blog della sicurezza informatica.
https://www.redhotcyber.com/post/52-000-server-tinyproxy-esposti-scoperta-vulnerabilita-rce-critica-cve-2023-49606/
https://www.redhotcyber.com/feed
https://poliverso.org/display/0477a01e-3e36776e-1c300c027251d6c4
52.000 server Tinyproxy esposti: Scoperta vulnerabilità RCE critica CVE-2023-49606
https://poliverso.org/display/0477a01e-3e36776e-1c300c027251d6c4
52.000 server Tinyproxy esposti: Scoperta vulnerabilità RCE critica CVE-2023-49606 Più di 52.000 host Tinyproxy che si possono trovare su Internet sono vulnerabili alla vulnerabilità https://www.redhotcyber.com/post/vulnerabilita-cve-2024-21893-ivanti-colpito-da-hacker-cinesi-unc5325-e-unc3886/ critica RCE CVE-2023-49606, recentemente scoperta in
CVE-2024-27793
- 1 Post
- 1 Interaction
CVE Info
Fediverse
New @Forbes: A critical security vulnerability in the iTunes application for Windows 10 and Windows 11 users could have enabled malicious attackers to arbitrarily execute code remotely, Apple has confirmed in a support document published 8 May.
#kudos @wrv for finding CVE-2024-27793
CVE-2024-21893
KEV- 1 Post
- 1 Interaction
CVE Info
Fediverse
52.000 server Tinyproxy esposti: Scoperta vulnerabilità RCE critica CVE-2023-49606
https://poliverso.org/display/0477a01e-3e36776e-1c300c027251d6c4
52.000 server Tinyproxy esposti: Scoperta vulnerabilità RCE critica CVE-2023-49606 Più di 52.000 host Tinyproxy che si possono trovare su Internet sono vulnerabili alla vulnerabilità https://www.redhotcyber.com/post/vulnerabilita-cve-2024-21893-ivanti-colpito-da-hacker-cinesi-unc5325-e-unc3886/ critica RCE CVE-2023-49606, recentemente scoperta in