RSS

NCL - OSINT - Threat Intel (Easy)

NCL - OSINT - Threat Intel (Easy)

Threat Intel (Easy)

Simple Google searches for this one as well.

Q1: What is the CVE of the original POODLE attack?

A: CVE-2014-3566

  • POODLE (Padding Oracle On Downgraded Legacy Encryption). This security vulnerability was disclosed in 2014 and affects SSL version 3.0, making it possible for an attacker to decrypt secure connections by exploiting the way certain errors are handled in the SSL protocol.

Q2: What version of VSFTPD contained the smiley face backdoor?

A: 2.3.4

  • VSFTPD (Very Secure FTP Daemon). This backdoor was inserted in an official release in July 2011 and was quickly identified and rectified. It allowed unauthorized remote command execution when a user connected to the FTP server and sent a smiley face “:)” as part of the username. This incident was notable as it highlighted the risks associated with open-source software maintenance and distribution.

Q3: What was the first 1.0.1 version of OpenSSL that was NOT vulnerable to heartbleed?

A: 1.0.1g

  • This version was released on April 7, 2014, in response to the Heartbleed vulnerability, which was identified in OpenSSL versions 1.0.1 through 1.0.1f. The Heartbleed vulnerability was a security flaw in the OpenSSL cryptography library that allows attackers to read sensitive data from a server’s memory, potentially including private keys and personal information.

Q4: What was the original RFC number that described Telnet?

A: RFC 15

  • RFC 15, titled “Network Subsystem for Time Sharing Hosts,” published in 1969. This RFC laid the foundation for the Telnet protocol, which is one of the earliest Internet protocols developed for remote communication between computers.

Q5: How large (in bytes) was the SQL Slammer worm?

A: 376 bytes

  • The SQL Slammer worm, also known as Sapphire, was remarkably small in size, totaling only 376 bytes. This extremely compact size contributed to its rapid propagation and significant impact on global Internet traffic in 2003.

Q6: Complete the sentence: “Samy is my…"

A: hero

  • This phrase originated from the Samy worm, a fast-spreading XSS (Cross-Site Scripting) worm created by Samy Kamkar, which propagated across MySpace in 2005.