Apple Security Advisory 12-19-2023-1 - macOS Sonoma 14.2.1 addresses a session tracking issue.
ff03743c830c771fbd01d7356186b7a027eac19c6ac1a3a6bf86931d463c3b93Red Hat Security Advisory 2023-7879-03 - An update for opensc is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and out of bounds read vulnerabilities.
16e6e4713eedc916c1c323c6a070fec9bfe4595b8fb4781c7f863e71a367c259Red Hat Security Advisory 2023-7877-03 - An update for openssl is now available for Red Hat Enterprise Linux 8.
79766b90d0f80e7196504f3ddf5e7b091dcb56864a6c0e4babe5c713cefd9c29Red Hat Security Advisory 2023-7876-03 - An update for opensc is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
e166f025c98c78bc231527d657dc8d681065b9f4b2220116fa85d72d3953db7fRed Hat Security Advisory 2023-7875-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
6c18c13067330635a2b542912efdc2ce7855424b4a9cafe4165efcc6e622222bRed Hat Security Advisory 2023-7874-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
de402adf8e7a899128a25da20c1b4f7f603d4fef545aca232c98c74979caa9c8Red Hat Security Advisory 2023-7873-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
db642aaf2431e4e6b3a4ee4c2674c8c1fee0b0b42f9df814ee4b41c747d5efeeRed Hat Security Advisory 2023-7872-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.
aaf07f4cd9a29b5f433294d53ca3a36a3a01ccffd46a28760f760e6eacefbadfIn this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is broken for three widely used encryption modes. This allows prefix truncation attacks where some encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. They demonstrate several real-world applications of this attack. They show that they can fully break SSH extension negotiation (RFC 8308), such that an attacker can downgrade the public key algorithms for user authentication or turn off a new countermeasure against keystroke timing attacks introduced in OpenSSH 9.5. They also identified an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim's login into a shell controlled by the attacker. Related proof of concept code from their github has been added to this archive.
3d6be8cc2a9c624a06990226485956c5d92675a632da2182c2546e4af814ff93This improper authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to the Confluence instance administrator. This Metasploit module uses the administrator account to install a malicious .jsp servlet plugin which the user can trigger to gain code execution on the target in the context of the of the user running the confluence server.
26d73b4952befcec0a56b50c408cd4fd4e5babeec09700eba379dfb85cf91c39I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
30ef8afcad0fffafd94d30ac307f86b5a6b318e2c1f44a023005841a1fcd077cDebian Linux Security Advisory 5580-1 - The Zoom Offensive Security Team discovered that processing a SVG image may lead to a denial-of-service.
c6891c045504fe548f17f5660e0f9ab7018990e4e84cbb0260fb3fbed6e142c6Red Hat Security Advisory 2023-7878-03 - An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include an integer overflow vulnerability.
261479628cc44c85e64eeee988efabd05f29dfc6ea0bb0b4c0fe4dcdd3f41fbdGentoo Linux Security Advisory 202312-1 - Several vulnerabilities have been found in Leptonice, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.81.0 are affected.
15792a867789f26ef677a41865c5d76fdd953d01a4e50faab0b867ba1464cb8bDebian Linux Security Advisory 5579-1 - Multiple vulnerabilities were discovered in FreeImage, a support library for graphics image formats, which could result in the execution of arbitrary code if malformed image files are processed.
d3cff019742d9c0322612e8a359f402f4290070167509cc7d9ce8e4d328f85c0Debian Linux Security Advisory 5576-2 - The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully fix the vulnerability. Updated packages correcting this issue including the upstream merged commit are now available.
6ac1fd4d8be53ce269e1946d49995f722c9654920861467d8417cd36346e4880Debian Linux Security Advisory 5578-1 - It was discovered that Ghostscript, the GPL PostScript/PDF interpreter, does not properly handle errors in the gdev_prn_open_printer_seekable() function, which could result in the execution of arbitrary commands if malformed document files are processed.
20aeaf38dff4509c5503e7d3ced1a1155f0e31b502d0583ba7cf15955095ed39RTPEngine version mr11.5.1.6 suffers from a denial of service vulnerability via DTLS Hello packets during call initiation.
7938f478eab1d8bc840896b24b1e1e899b45b53e89a3e7429e87eaebcefdc333PKP Web Application Library (PKP-WAL) versions 3.4.0-3 and below, as used in Open Journal Systems (OJS), Open Monograph Press (OMP), and Open Preprint Systems (OPS) before versions 3.4.0-4 or 3.3.0-16, suffer from a NativeImportExportPlugin related remote code execution vulnerability.
894453dd71b738c757ad44c73e02be6e0af26e1e261f945b9dc8f20a9ebb348eGoogle's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
2d3b2e4f066b1f3eda17faff147dfa3e4b16fba044257361aca51a2322c5122dUbuntu Security Notice 6488-2 - USN-6488-1 fixed a vulnerability in strongSwan. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.
338f4a5b2aa85b89f8b08d5684422107226ac51c46249766ac922c0b469c720eUbuntu Security Notice 6556-1 - It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. Matthias Gerstner discovered that Budgie Extras incorrectly handled certain temporary file paths. A local attacker could use this to inject arbitrary PNG data in this path and have it displayed on the victim's desktop or deny access to the application.
1e445a20e0c3e2f5cd796458dc464196f8b71e35096e6c4f1fb6ced4a09715a1When handling DTLS-SRTP for media setup, Asterisk version 20.1.0 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.
64a70704bf3c592f3c715409a2cca70dea12a637204ffa690f04e1d61f8e5387Ubuntu Security Notice 6558-1 - It was discovered that audiofile could be made to dereference invalid memory. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that audiofile could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
6a440b0470b659ef8af146298808a0dd6b5659c6528660e23e465d017c10fa55Ubuntu Security Notice 6557-1 - It was discovered that Vim could be made to dereference invalid memory. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that Vim could be made to recurse infinitely. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
872f33dc2b7bc88b8c7bb037d8cce3aa5d34706dc69f05eec595485cb8f8d733
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed