lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 9 Sep 2022 14:47:11 -0500
From: Daniel Wood via Fulldisclosure <fulldisclosure@...lists.org>
To: fulldisclosure@...lists.org
Subject: [FD] Multiple vulnerabilities discovered in Qualys Cloud Agent

The Unqork Security team discovered multiple security vulnerabilities in
the Qualys Cloud Agent, to include arbitrary code execution.

CVE-2022-29549 (Arbitrary Code Execution)
https://nvd.nist.gov/vuln/detail/CVE-2022-29549

CVE-2022-29550 (Sensitive Information Disclosure)
https://nvd.nist.gov/vuln/detail/CVE-2022-29550

Read more:
https://www.unqork.com/resources/unqork-and-qualys-partner-to-resolve-zero-day-vulnerabilities
https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux

Daniel Wood
Head of Product Security, Unqork

-- 
**This e-mail, and any attachments thereto, is intended only for use by the 
addressee(s) named herein and may contain legally privileged and/or 
confidential information. If you are not the intended recipient of this 
e-mail, you are hereby notified that any dissemination, distribution or 
copying of this e-mail, and any attachments thereto, is strictly 
prohibited. If you have received this e-mail in error, please notify me by 
replying to this message and permanently delete the original and any copy 
of this e-mail and any printout thereof.**
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists