No more VPS

A little of history

For a really long time I was using Contabo VPS as my main server. I was really happy with it. Good thing was, I bought it long time ago, before changes in packages, so I had few cores more then you may have right now for the same price. Similar story was with system memory. Ok, disk storage was lower then you will get now, but it wasn’t important for me. In my case, most of the space is used by images, and all of them are offloaded into S3 bucket anyway.

S3 and Ccloudflare

Because I’m using S3 bucket as a storage for offloaded images, I don’t need a lot of space and transfer. But… if I will serve images directly from S3, it will not look nice from the url point of view. So I mixed S3 (as storage) and Cloudflare with custom sub-domain (as CDN – Content Delivery Network).

Read more No more VPS

Multiple vulnerabilities in QNAP TS-464 NAS devices

The advisories from ZDI-24-470 to ZDI-24-475 detail a series of vulnerabilities affecting QNAP TS-464 NAS devices, ranging from CRLF injection and SQL injection to improper certificate validation and file upload directory traversal. These vulnerabilities could allow remote attackers to make arbitrary configuration changes, execute code, escalate privileges, and create or delete files on affected devices. QNAP has issued updates to correct these vulnerabilities, highlighting the importance of applying security patches promptly to protect against potential exploits.

Read more Multiple vulnerabilities in QNAP TS-464 NAS devices

Multiple vulnerabilities in Cisco

Here’s a summary of the Cisco Security Advisories:

  1. Cisco AppDynamics Network Visibility Service DoS Vulnerability: An unauthenticated, local attacker could cause a denial of service (DoS) condition due to improper handling of unexpected input.
  2. Cisco Crosswork NSO Open Redirect Vulnerability: An unauthenticated, remote attacker could redirect a user to a malicious web page due to improper input validation of a parameter in an HTTP request.
  3. Cisco Crosswork NSO Privilege Escalation Vulnerability: An authenticated, local attacker could elevate privileges to root on an affected device because of a user-controlled search path used to locate executable files.
  4. Cisco Secure Client NAM Privilege Escalation Vulnerability: An unauthenticated attacker with physical access could elevate privileges to SYSTEM due to a lack of authentication on a specific function.
  5. Cisco Secure Email and Web Manager XSS Vulnerabilities: Multiple vulnerabilities could allow a remote attacker to conduct XSS attacks against users of the interface due to insufficient input validation.
  6. Cisco Secure Email Gateway HTTP Response Splitting Vulnerability: An unauthenticated, remote attacker could conduct an HTTP response splitting attack due to insufficient input validation of some parameters.
  7. Cisco Unified Communications Products API DoS Vulnerability: An unauthenticated, remote attacker could cause high CPU utilization and potentially impact access and call processing due to improper API authentication and incomplete validation of the API request.
Read more Multiple vulnerabilities in Cisco

D-Link – multiple vulnerabilities, some are 0-days

Here’s a summary of the vulnerabilities reported:

  • Remote Code Execution (RCE) Vulnerabilities:
    • D-Link D-View: Two vulnerabilities (ZDI-24-448, ZDI-24-450) allow remote code execution due to command injection and exposed dangerous methods. Both require authentication, which can be bypassed. CVSS rating: 8.8.
    • D-Link G416: Attackers can execute code on G416 routers without authentication (ZDI-24-446). CVSS rating: 8.8.
    • D-Link DIR-2150: The GetDeviceSettings feature in DIR-2150 routers is vulnerable to command injection by network-adjacent attackers without authentication (ZDI-24-442). CVSS rating: 8.8.
    • D-Link DIR-2640: A stack-based buffer overflow in DIR-2640-US routers allows RCE without authentication (ZDI-24-444). CVSS rating: 8.8.
    • D-Link D-View: Another vulnerability (ZDI-24-449) allows RCE through an exposed dangerous method with bypassable authentication. CVSS rating: 8.8.
  • Local Privilege Escalation:
    • D-Link Network Assistant: A vulnerability (ZDI-24-443) allows local attackers to escalate privileges by exploiting an uncontrolled search path element. Requires execution of low-privileged code. CVSS rating: 7.3.
  • Denial-of-Service (DoS):
    • D-Link DIR-3040: A memory leak in prog.cgi websSecurityHandler can be exploited by network-adjacent attackers to cause a DoS condition (ZDI-24-445). No authentication needed. CVSS rating: 4.3.
  • Authentication Bypass:
    • D-Link D-View: A vulnerability (ZDI-24-447) allows bypassing authentication using a hard-coded cryptographic key. No authentication needed for exploitation. CVSS rating: 9.8.

All vulnerabilities are marked as “0Day,” indicating they are previously unknown and unpatched. The CVSS ratings range from 4.3 to 9.8, reflecting the severity of the vulnerabilities. The higher the CVSS score, the more severe the vulnerability. It’s important for organizations using these D-Link products to be aware of these vulnerabilities and apply any available patches or mitigations provided by the vendor.

Read more D-Link – multiple vulnerabilities, some are 0-days

Apple Siri and ChatGPT: Revolutionizing AI Chat Technology

  •  

The article on https://www.nytimes.com discusses the collaboration between Apple’s Siri and OpenAI’s ChatGPT to enhance the capabilities of the virtual assistant. I found it really intresting.

Advancements in AI Technology: A Look at Apple’s Siri and ChatGPT

In the ever-evolving landscape of artificial intelligence (AI) technology, companies like Apple are constantly pushing the boundaries of what is possible. One of the most recent advancements in AI technology is the integration of ChatGPT into Apple’s Siri virtual assistant. This collaboration has the potential to revolutionize the way we interact with AI systems and could pave the way for even more sophisticated AI applications in the future.

ChatGPT, developed by OpenAI, is a state-of-the-art language model that uses deep learning techniques to generate human-like responses to text inputs. By incorporating ChatGPT into Siri, Apple has significantly enhanced the virtual assistant’s ability to understand and respond to natural language queries. This means that Siri can now engage in more complex and nuanced conversations with users, making interactions with the virtual assistant feel more natural and intuitive.

One of the key advantages of integrating ChatGPT into Siri is its ability to generate contextually relevant responses. This means that Siri can now better understand the context of a conversation and provide more accurate and personalized answers to user queries. For example, if a user asks Siri for restaurant recommendations, the virtual assistant can now take into account the user’s location, preferences, and past interactions to offer more tailored suggestions.

Another significant benefit of this integration is the improved conversational capabilities of Siri. With ChatGPT, Siri can now engage in more fluid and coherent conversations with users, making interactions with the virtual assistant feel more like chatting with a real person. This enhanced conversational ability not only makes Siri more user-friendly but also opens up new possibilities for how AI systems can be used in various applications, such as customer service and virtual assistants.

Furthermore, the integration of ChatGPT into Siri has the potential to improve the overall user experience of Apple’s ecosystem. By making Siri more intelligent and responsive, Apple can enhance the functionality of its devices and services, making them more valuable to users. This could lead to increased user engagement and loyalty, as well as a competitive edge in the AI technology market.

Read more Apple Siri and ChatGPT: Revolutionizing AI Chat Technology

Vulnerabilities in Adobe Readed DC Software

Consolidated summary:

  • ZDI-24-424 & ZDI-24-425: Both vulnerabilities, identified as CVE-2024-30305 and CVE-2024-30303 respectively, have a CVSS score of 7.8 and affect Adobe Acrobat Reader DC. They allow remote code execution due to improper handling of AcroForms. Users must interact with a malicious page or file to trigger the flaw.
  • ZDI-24-427: Identified as CVE-2024-30306 with a CVSS score of 7.8, this vulnerability in Adobe Acrobat Reader DC allows remote code execution through an out-of-bounds read in AcroForms. User interaction is required.
Read more Vulnerabilities in Adobe Readed DC Software

Big changes in my home server

For a long time I was using Proxmox as my server OS. On it I had few VMs. One with Arch Linux (I’m using it as my daily OS through RDP), another one with Home Assistant, another one for media (Jellyfin app, Calibre, etc). And some created ad-hoc when needed for testing. But from some time I was thinking about big change. And finally it happened during this week.

Read more Big changes in my home server

Multiple advisories in March 2024 release of the Cisco IOS XR Software Security Advisory Bundled Publication

  • Cisco IOS XR Software SSH Privilege Escalation Vulnerability (Security Impact Rating: High)
  • Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability (Security Impact Rating: Medium)
  • Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability (Security Impact Rating: Medium)
  • Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability (Security Impact Rating: High)
  • Cisco IOS XR Software MPLS and Pseudowire Interfaces Access Control List Bypass Vulnerabilities (Security Impact Rating: Medium)
  • Cisco IOS XR Software Authenticated CLI Secure Copy Protocol and SFTP Denial of Service Vulnerability (Security Impact Rating: Medium)
  • Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability (Security Impact Rating: High)
Read more Multiple advisories in March 2024 release of the Cisco IOS XR Software Security Advisory Bundled Publication