Security

Vuln NXOS 8.2(4)

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: nxos

Version: 8.2(4)

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-fxos-nxos-cfs-dos-dAmnymbd Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability 8.6 CVE-2020-3517 8.2(6) 2020-08-26T16:00:00
cisco-sa-nxos-pim-memleak-dos-tC8eP7uw Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability 7.5 CVE-2020-3338 8.2(6) 2020-08-26T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 8.2(6) 2020-06-03T16:00:00
cisco-sa-20200226-nxos-arp Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability 4.7 CVE-2020-3174 8.2(5) 2020-02-26T16:00:00
cisco-sa-20200226-nxos-api-dos Cisco NX-OS Software NX-API Denial of Service Vulnerability 5.3 CVE-2020-3170 8.2(5) 2020-02-26T16:00:00
cisco-sa-20200205-fxnxos-iosxr-cdp-dos Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3120 8.2(5) 2020-02-05T16:00:00
Any Comments ?

sha256: 83f05371aa9a76dc79231c5794783649ccf885061887a5d55bc0d7b2d9ad4fb7

Vuln IOS XE 03.08.09

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: iosxe

Version: 03.08.09.E

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities 8.6 CVE-2020-3225 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-iosxe-digsig-bypass-FYQ3bmVq Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability 6.8 CVE-2020-3209 2020-06-03T16:00:00
cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.8 CVE-2020-3217 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
Any Comments ?

sha256: 397e05c88b687a24a6437aef9e0a3eb7a0ffc1b7041065b122ebc5a9c2b85aaf

Vuln IOS 15.0(2)SE8

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: ios

Version: 15.0(2)SE8

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-profinet-J9QMCHPB Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability 7.4 CVE-2020-3409 2020-09-24T16:00:00
cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00
cisco-sa-cipdos-hkfTZXEx Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities 8.6 CVE-2020-3225 2020-06-03T16:00:00
cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00
cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.7 CVE-2020-3200 2020-06-03T16:00:00
cisco-sa-tcl-ace-C9KuVKmm Cisco IOS and IOS XE Software Tcl Arbitrary Code Execution Vulnerability 6.7 CVE-2020-3204 2020-06-03T16:00:00
cisco-sa-20200108-ios-csrf Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability 8.8 CVE-2019-16009 2020-01-08T16:00:00
cisco-sa-20190925-http-client Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability 4.8 CVE-2019-12665 2019-09-25T16:00:00
cisco-sa-20160525-ipv6 Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability 5.8 CVE-2016-1409 2016-05-25T16:00:00
cisco-sa-20180926-ptp Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability 7.5 CVE-2018-0473 2018-09-26T16:00:00
cisco-sa-20170629-snmp SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software 8.8 CVE-2017-6736 2017-06-29T16:00:00
cisco-sa-20170317-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability 9.8 CVE-2017-3881 2017-03-17T16:00:00
cisco-sa-20190327-ios-infoleak Cisco IOS and IOS XE Software Hot Standby Router Protocol Information Leak Vulnerability 4.3 CVE-2019-1761 2019-03-27T16:00:00
cisco-sa-20190327-cmp-dos Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2019-1746 2019-03-27T16:00:00
cisco-sa-20190327-ipsla-dos Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability 8.6 CVE-2019-1737 2019-03-27T16:00:00
cisco-sa-20180926-cdp-dos Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2018-15373 2018-09-26T16:00:00
cisco-sa-20180926-cmp Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability 7.4 CVE-2018-0475 2018-09-26T16:00:00
cisco-sa-20180926-tacplus Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability 6.8 CVE-2018-15369 2018-09-26T16:00:00
cisco-sa-20180926-vtp Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability 4.3 CVE-2018-0197 2018-09-26T16:00:00
cisco-sa-20180328-smi Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 8.6 CVE-2018-0156 2018-03-28T16:00:00
cisco-sa-20180328-smi2 Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability 9.8 CVE-2018-0171 2018-03-28T16:00:00
cisco-sa-20180328-lldp Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities 8.8 CVE-2018-0167 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr3 Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability 8.6 CVE-2018-0174 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr1 Cisco IOS and IOS XE Software DHCP Version 4 Relay Heap Overflow Denial of Service Vulnerability 8.6 CVE-2018-0172 2018-03-28T16:00:00
cisco-sa-20180328-dhcpr2 Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability 8.6 CVE-2018-0173 2018-03-28T16:00:00
cisco-sa-20180328-ike-dos Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability 8.6 CVE-2018-0159 2018-03-28T16:00:00
cisco-sa-20170419-energywise Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities 8.6 CVE-2017-3860 2017-04-19T16:00:00
cisco-sa-20170927-dhcp Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability 9.8 CVE-2017-12240 2017-09-27T16:00:00
cisco-sa-20170927-profinet Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability 8.6 CVE-2017-12235 2017-09-27T16:00:00
cisco-sa-20170927-ike Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability 8.6 CVE-2017-12237 2017-09-27T16:00:00
cisco-sa-20170927-pnp Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability 8.7 CVE-2017-12228 2017-09-27T16:00:00
cisco-sa-20170927-cip Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities 8.6 CVE-2017-12233 2017-09-27T16:00:00
cisco-sa-20170727-ospf Multiple Cisco Products OSPF LSA Manipulation Vulnerability 4.2 CVE-2017-6770 2017-07-27T16:00:00
cisco-sa-20170322-dhcpc Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability 8.6 CVE-2017-3864 2017-03-22T16:00:00
cisco-sa-20150923-fhs Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities 7.8 CVE-2015-6278 2015-09-23T16:00:00
cisco-sa-20160916-ikev1 IKEv1 Information Disclosure Vulnerability in Multiple Cisco Products 7.8 CVE-2016-6415 2016-09-16T16:00:00
cisco-sa-20160928-aaados Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 7.1 CVE-2016-6393 2016-09-28T16:00:00
cisco-sa-20160928-dns Cisco IOS and IOS XE Software DNS Forwarder Denial of Service Vulnerability 8.3 CVE-2016-6380 2016-09-28T16:00:00
cisco-sa-20160928-ios-ikev1 Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 7.1 CVE-2016-6381 2016-09-28T16:00:00
cisco-sa-20160928-msdp Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 7.8 CVE-2016-6382 2016-09-28T16:00:00
cisco-sa-20160928-smi Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 7.8 CVE-2016-6385 2016-09-28T16:00:00
cisco-sa-20160928-cip Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 7.8 CVE-2016-6391 2016-09-28T16:00:00
cisco-sa-20160323-ios-ikev2 Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability 7.1 CVE-2016-1344 2016-03-23T16:00:00
cisco-sa-20160323-smi Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 7.8 CVE-2016-1349 2016-03-23T16:00:00
cisco-sa-20150325-tcpleak Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability 7.8 CVE-2015-0646 2015-03-25T16:00:00
cisco-sa-20150325-cip Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol 7.8 CVE-2015-0647 2015-03-25T16:00:00
cisco-sa-20150320-openssl Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products 2.6 CVE-2015-0207 2015-03-20T20:20:00
cisco-sa-20150408-ntpd Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products 5.0 CVE-2015-1798 2015-04-08T16:00:00
cisco-sa-20150310-ssl Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products 5.0 CVE-2014-3569 2015-03-10T16:00:00
Cisco-SA-20150113-CVE-2015-0204 OpenSSL RSA Temporary Key Cryptographic Downgrade Vulnerability 5.0 CVE-2015-0204 2015-01-13T19:57:19
Any Comments ?

sha256: 79bf0448ec96592b255cae56173d8046be1d26090c12f05c8ec949a5e494e8f4

Vuln NXOS 6.2(8)

Security

Security posture via Cisco PSIRT OpenVuln API

Platform: nxos

Version: 6.2(8)

Advisory-ID Impact CVSS CVE Fixed with First Published
cisco-sa-fxos-nxos-cfs-dos-dAmnymbd Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability 8.6 CVE-2020-3517 7.3(6)D1(1) 2020-08-26T16:00:00
cisco-sa-callhome-cmdinj-zkxzSCY Cisco NX-OS Software Call Home Command Injection Vulnerability 7.2 CVE-2020-3454 6.2(22) 2020-08-26T16:00:00
cisco-sa-nxos-pim-memleak-dos-tC8eP7uw Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability 7.5 CVE-2020-3338 6.2(24) 2020-08-26T16:00:00
cisco-sa-nxos-ipip-dos-kCT9X4 Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability 8.6 CVE-2020-10136 6.2(24a) 2020-06-01T16:00:00
cisco-sa-20200226-fxos-nxos-cdp Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution and Denial of Service Vulnerability 8.8 CVE-2020-3172 6.2(24) 2020-02-26T16:00:00
cisco-sa-20200205-fxnxos-iosxr-cdp-dos Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3120 6.2(24) 2020-02-05T16:00:00
cisco-sa-20190828-nxos-fsip-dos Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability 8.6 CVE-2019-1962 6.2(22) 2019-08-28T16:00:00
cisco-sa-20190828-fxnxos-snmp-dos Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability 7.7 CVE-2019-1963 6.2(22) 2019-08-28T16:00:00
cisco-sa-20190828-nxos-memleak-dos Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability 7.7 CVE-2019-1965 6.2(22) 2019-08-28T16:00:00
cisco-sa-20190925-vman Cisco NX-OS and IOS XE Software Virtual Service Image Signature Bypass Vulnerability 6.7 CVE-2019-12662 6.2(24) 2019-09-25T16:00:00
cisco-sa-20190925-nxos-vman-cmd-inj Cisco NX-OS Software Virtualization Manager Command Injection Vulnerability 6.7 CVE-2019-12717 6.2(24) 2019-09-25T16:00:00
Any Comments ?

sha256: dcc57a5fe985797f70625f446699af20967b380a718cd1d9a5b903aa5220b86a

RC3

Security

some cool Movies/Audios from “Remote Chaos Experience” RC3

RC3 Video, ordered by ViewCount

Amateurfunk hacken

Spot the Surveillance

DevOps Disasters 3.1

Elektrogruselkabinet Indien-Edition

36C3 - Boeing 737MAX: Automated Crashes

36C3 - BahnMining - Pünktlichkeit ist eine Zier

36C3 - Finfisher verklagen

36C3 - Hirne Hacken

35C3 - Du kannst alles hacken – du darfst dich nur nicht erwischen lassen

35C3 - Hackerethik - eine Einführung

Any Comments ?

sha256: ec267b020ffdde11711eff23057df1a9b74a0fed1c262c0ab9dd28b5c08d512e

Bug in OpenSSH / Config Checker

Security

stumpled upon a bug in openssh … did a small config change in sshd_config, deployed it with ansible … and lost connectifity to all these boxes immediately … and of course, i did a config check before reloading the sshd daemon, and the config check was fine.

i can’t belife that nobody else found this before, as it’s really simple to reproduce. and it’s working with openbsd, debian, centos and mostly on all system which have opensshd implemented (and that’s a lot of …)

Nginx with Client Certificate

OpenBSD, Security

NGINX with Client Certificates

root@debian:/etc/nginx/sites-available#
server {
  listen 80;
  listen [::]:80;

  server_name host198.planet;
  root /var/www/host198.planet;

  access_log /var/log/nginx/host198.planet;
  index index.html;

  location / {
    try_files $uri $uri/ =404;
  }
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;

  server_name host198.planet;
  root /var/www/host198.planet;

  ssl_certificate /etc/ssl/private/fullchain.crt;
  ssl_certificate_key /etc/ssl/private/host198.planet.key;

  ssl_protocols TLSv1.1 TLSv1.2;
  ssl_ciphers HIGH:!aNULL:!MD5;

  ssl_client_certificate /etc/ssl/private/ca.crt;
  ssl_verify_client optional;

  access_log /var/log/nginx/host198.planet;
  index index.html;

  #location / {
  #        try_files $uri $uri/ =404;
  #}
  location / {
    # if the client-side certificate failed to authenticate, show a 403
    # message to the client
    if ($ssl_client_verify != SUCCESS) {
      return 403;
    }
  }
}
Any Comments ?

sha256: dbf64919ee3864f77b78f71f2b4b70d6794d96dd3dbbe1ae9ce3442cda571c26

Ed25519

Security

like ssh and secure keys ?

Generate Secure Key

ssh-keygen -o -a 100 -t ed25519 -C "MyFamousComment"
ssh-keygen -o -a 100 -t ed25519 -C "$(whoami)@$(hostname)"
ssh-keygen -o -a 100 -t ed25519 -C "$(whoami)@$(hostname) at $(date \"+%Y-%m-%d\")"
ssh-keygen -o -a 100 -t ed25519 -C "$(whoami)@$(hostname) at $(date \"+%Y-%m-%d %H:%M\")"

What’s ed25519 ?

Wikipedia about Curve25519

2^{{255}}-19

Distribute Key

ssh-copy-id user@remotehost

Connect to Remote

Connect to Remove without Agent Forwarding (use this unless you know what you’re dooing …)

ssh -a remotehost

Connect with Agent Forwarding

or if you need Agent Forwarding