Blog

Samba vulnerabilities CVE-2020-25718 and CVE-2021-23192 Security Advisory Security Advisory Description CVE-2020-25718 A flaw was found in the way samba, as an Active Directory Domain Controller, ... More info: https://support.f5.com/csp/article/K21312421?utm_source=f5support&utm_medium=RSS

Samba vulnerability CVE-2021-44141 Security Advisory Security Advisory Description All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if ... More info: https://support.f5.com/csp/article/K45752041?utm_source=f5support&utm_medium=RSS

Samba vulnerability CVE-2016-2124 Security Advisory Security Advisory Description A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the ... More info: https://support.f5.com/csp/article/K86005324?utm_source=f5support&utm_medium=RSS

Samba vulnerability CVE-2020-25717 Security Advisory Security Advisory Description A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw ... More info: https://support.f5.com/csp/article/K75547109?utm_source=f5support&utm_medium=RSS

polkit vulnerability CVE-2021-3560 Security Advisory Security Advisory Description It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the ... More info: https://support.f5.com/csp/article/K41410307?utm_source=f5support&utm_medium=RSS

Ghostscript vulnerability CVE-2021-3781 Security Advisory Security Advisory Description A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter ... More info: https://support.f5.com/csp/article/K04481502?utm_source=f5support&utm_medium=RSS

Samba vulnerability CVE-2021-44142 Security Advisory Security Advisory Description The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ".enhanced compatibility with ... More info: https://support.f5.com/csp/article/K84695749?utm_source=f5support&utm_medium=RSS

This article was authored by Oren Penso and Ram Akuka It’s no secret that Kubernetes and container adoption has skyrocketed over the last several years, with double-digit growth expected to continue as enterprises increasingly embrace the modern apps transformation. While there are many benefits to leveraging containers and Kubernetes to enable business agility, cloud-native technology The post Announcing Container Runtime Security for VMware Carbon Black Container appeared first on More info: https://blogs.vmware.com/security/2022/03/announcing-container-runtime-security-for-vmware-carbon-black-container.html?utm_source=rss&utm_medium=rss&utm_campaign=announcing-container-runtime-security-for-vmware-carbon-black-container

Apache Struts vulnerability CVE-2018-11776 Security Advisory Security Advisory Description Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when ... More info: https://support.f5.com/csp/article/K60499474?utm_source=f5support&utm_medium=RSS

This piece was authored by the VMware Threat Analysis Unit Summary AvosLocker Ransomware is a recent ransomware with the capability to encrypt Linux systems. AvosLocker seems to be targeting the VMware ESXi virtual machines and Virtual Machine File System (VMFS) files. By targeting VMs, AvosLocker takes advantage of faster and easier encryption of multiple servers The post AvosLocker – Modern Linux Ransomware Threats appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2022/02/avoslocker-modern-linux-ransomware-threats.html?utm_source=rss&utm_medium=rss&utm_campaign=avoslocker-modern-linux-ransomware-threats