This Metasploit module exploit takes advantage of the StringSubstitutor interpolator class, which is included in the Commons Text library. A default interpolator allows for string lookups that can lead to remote code execution. This is due to a logic flaw that makes the script, dns and url lookup keys interpolated by default, as opposed to what it should be, according to the documentation of the StringLookupFactory class. Those keys allow an attacker to execute arbitrary code via lookups primarily using the script key. In order to exploit the vulnerabilities, the following requirements must be met: Run a version of Apache Commons Text from version 1.5 to 1.9, use the StringSubstitutor interpolator, and the target should run JDK versions prior to 15.
3303e5c941051cbc6b4f8ddaa2c9912a8740038a8cc31a244e760936ff9694d8Linux versions 5.6 and above appear to suffer from a cred refcount overflow when handling approximately 39 gigabytes of memory usage via io_uring.
eb6cd67301b0a3753b8bd45f998819605fcd09521aac98683535cba1e70af180Ubuntu Security Notice 6589-1 - Fabian Baeumer, Marcus Brinkmann and Joerg Schwenk discovered that the SSH protocol used in FileZilla is prone to a prefix truncation attack, known as the "Terrapin attack". A remote attacker could use this issue to downgrade or disable some security features and obtain sensitive information.
8518668a4badaa795ff43751102221732a1799bf651302c95ea7ee967ec088d0Lepton CMS version 7.0.0 suffers from a remote code execution vulnerability.
e49b03d230a8b76fb8464dbbc5243150ad7d594058444b9ce7dc55ee672e6138Red Hat Security Advisory 2024-0304-03 - Updated images are now available for Red Hat Advanced Cluster Security 3.74. The updated images includes bug and security fixes.
abba8fca96858cd7d244976eff1c9aca997ca70df2a3227599f6e7a74efa24cfRed Hat Security Advisory 2024-0300-03 - An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
4412f703d959c59aa8a60d7a59b5e7a78dd01b8efcff48d6555296c3f35bf621Red Hat Security Advisory 2024-0299-03 - An update for python-requests is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
9701ca8b572d6d25dfb6014a97a226ddccc462f28d27056943a62ff62a2e53fdRed Hat Security Advisory 2024-0298-03 - Red Hat Advanced Cluster Management for Kubernetes 2.9.2 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.
68d1ae256efb0cce89e808dc441cf435e32ad29a3117594ae14a932ac3609708Red Hat Security Advisory 2024-0266-03 - An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include code execution and out of bounds access vulnerabilities.
869a73da8c9722ac48adce66f9a947eb24c4e16b9bc19da5b0295ecdc0019cedUbuntu Security Notice 6590-1 - It was discovered that Xerces-C++ was not properly handling memory management operations when parsing XML data containing external DTDs, which could trigger a use-after-free error. If a user or automated system were tricked into processing a specially crafted XML document, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Xerces-C++ was not properly performing bounds checks when processing XML Schema Definition files, which could lead to an out-of-bounds access via an HTTP request. If a user or automated system were tricked into processing a specially crafted XSD file, a remote attacker could possibly use this issue to cause a denial of service.
f40dc28e3c1750f24d759d3d0e4256073e4117e784f8a54448ad19d71f59eb02Firefox version 121 and Chrome version 120 may both suffer from a minor denial of service issue with file downloads.
87fff58ac306829b938551eaffd6ed12db00ff7e56118bf0e6a8e7d7cf6ed267MiniWeb HTTP Server version 0.8.1 remote denial of service exploit.
248b2f630c31c5b087671d0e5ed5e860b24d7c946a245d40497623ce86f5a1ef
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed