Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-28

Gentoo Linux Security Advisory 202402-28 - Multiple vulnerabilities have been discovered in Samba, the worst of which can lead to remote code execution. Versions greater than or equal to 4.18.9 are affected.

Advisory Files ≈ Packet Storm

Debian Security Advisory 5626-1

Debian Linux Security Advisory 5626-1 - It was discovered that malformed DNSSEC records within a DNS zone could result in denial of service against PDNS Recursor, a resolving name server.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-27

Gentoo Linux Security Advisory 202402-27 - A vulnerability has been discovered in Glade which can lead to a denial of service. Versions greater than or equal to 3.38.2 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-26

Gentoo Linux Security Advisory 202402-26 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could result in arbitrary code execution. Versions greater than or equal to 115.7.0:esr are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-25

Gentoo Linux Security Advisory 202402-25 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-21

Gentoo Linux Security Advisory 202402-21 - Multiple vulnerabilities have been discovered in QtNetwork, the worst of which could lead to execution of arbitrary code. Versions greater than or equal to 6.6.1-r2 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-24

Gentoo Linux Security Advisory 202402-24 - Multiple vulnerabilities have been discovered in Seamonkey, the worst of which can lead to remote code execution. Versions greater than or equal to 2.53.10.2 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-23

Gentoo Linux Security Advisory 202402-23 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 121.0.6167.139 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-22

Gentoo Linux Security Advisory 202402-22 - Multiple vulnerabilities have been discovered in intel-microcode, the worst of which can lead to privilege escalation. Versions greater than or equal to 20230214_p20230212 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-20

Gentoo Linux Security Advisory 202402-20 - A vulnerability has been discovered in Thunar which may lead to arbitrary code execution Versions greater than or equal to 4.17.3 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-19

Gentoo Linux Security Advisory 202402-19 - A vulnerability has been discovered in libcaca which can lead to arbitrary code execution. Versions greater than or equal to 0.99_beta19-r4 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-18

Gentoo Linux Security Advisory 202402-18 - Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution. Versions greater than or equal to 4.97.1 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-17

Gentoo Linux Security Advisory 202402-17 - Multiple vulnerabilities have been discovered in CUPS, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 2.4.7 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-16

Gentoo Linux Security Advisory 202402-16 - Multiple vulnerabilities have been discovered in Apache Log4j, the worst of which can lead to remote code execution. Versions less than or equal to 1.2.17 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-15

Gentoo Linux Security Advisory 202402-15 - A vulnerability has been discovered in e2fsprogs which can lead to arbitrary code execution. Versions greater than or equal to 1.46.6 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-14

Gentoo Linux Security Advisory 202402-14 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.12_p20240122 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-13

Gentoo Linux Security Advisory 202402-13 - A vulnerability has been discovered in TACACS+ which could lead to remote code execution. Versions less than or equal to 4.0.4.27a-r3 are affected.

Advisory Files ≈ Packet Storm

Gentoo Linux Security Advisory 202402-12

Gentoo Linux Security Advisory 202402-12 - A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read. Versions greater than or equal to 1.34-r3 are affected.

Advisory Files ≈ Packet Storm

Debian Security Advisory 5625-1

Debian Linux Security Advisory 5625-1 - It was discovered that Engrampa, an archive manager for the MATE desktop environment was susceptible to path traversal when handling CPIO archives.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0857-03

Red Hat Security Advisory 2024-0857-03 - An update for python-pillow is now available for Red Hat Enterprise Linux 7. Issues addressed include a code execution vulnerability.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0855-03

Red Hat Security Advisory 2024-0855-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include a memory exhaustion vulnerability.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0495-03

Red Hat Security Advisory 2024-0495-03 - An update is now available for Red Hat build of Quarkus.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0494-03

Red Hat Security Advisory 2024-0494-03 - An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.

Exploit-DB Updates

[webapps] SureMDM On-premise < 6.31 - CAPTCHA Bypass User Enumeration

SureMDM On-premise

Exploit-DB Updates

[webapps] Wondercms 4.3.2 - XSS to RCE

Wondercms 4.3.2 - XSS to RCE

Exploit-DB Updates

[webapps] JFrog Artifactory < 7.25.4 - Blind SQL Injection

JFrog Artifactory

Exploit-DB Updates

[dos] XAMPP - Buffer Overflow POC

XAMPP - Buffer Overflow POC

Exploit-DB Updates

[webapps] phpFox < 4.8.13 - (redirect) PHP Object Injection Exploit

phpFox

Exploit-DB Updates

[local] Microsoft Windows Defender Bypass - Detection Mitigation Bypass

Microsoft Windows Defender Bypass - Detection Mitigation Bypass

Exploit-DB Updates

[local] Microsoft Windows Defender - VBScript Detection Bypass

Microsoft Windows Defender - VBScript Detection Bypass

Exploit-DB Updates

[webapps] Employee Management System v1 - 'email' SQL Injection

Employee Management System v1 - 'email' SQL Injection

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0851-03

Red Hat Security Advisory 2024-0851-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0850-03

Red Hat Security Advisory 2024-0850-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0848-03

Red Hat Security Advisory 2024-0848-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0843-03

Red Hat Security Advisory 2024-0843-03 - Red Hat OpenShift Serverless version 1.31.1 is now available. Issues addressed include denial of service and traversal vulnerabilities.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6626-3

Ubuntu Security Notice 6626-3 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6640-1

Ubuntu Security Notice 6640-1 - It was discovered that shadow was not properly sanitizing memory when running the password utility. An attacker could possibly use this issue to retrieve a password from memory, exposing sensitive information.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6629-3

Ubuntu Security Notice 6629-3 - USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6639-1

Ubuntu Security Notice 6639-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6628-2

Ubuntu Security Notice 6628-2 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6638-1

Ubuntu Security Notice 6638-1 - Marc Beatove discovered buffer overflows exit in EDK2. An attacker on the local network could potentially use this to impact availability or possibly cause remote code execution. It was discovered that a buffer overflows exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability or possibly cause remote code execution.

Advisory Files ≈ Packet Storm

Debian Security Advisory 5624-1

Debian Linux Security Advisory 5624-1 - Mate Kukri discovered the Debian build of EDK2, a UEFI firmware implementation, used an insecure default configuration which could result in Secure Boot bypass via the UEFI shell.

Advisory Files ≈ Packet Storm

Debian Security Advisory 5623-1

Debian Linux Security Advisory 5623-1 - It was discovered that a late privilege drop in the "REFRESH MATERIALIZED VIEW CONCURRENTLY" command could allow an attacker to trick a user with higher privileges to run SQL commands with these permissions.

Advisory Files ≈ Packet Storm

Debian Security Advisory 5622-1

Debian Linux Security Advisory 5622-1 - It was discovered that a late privilege drop in the "REFRESH MATERIALIZED VIEW CONCURRENTLY" command could allow an attacker to trick a user with higher privileges to run SQL commands with these permissions.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6636-1

Ubuntu Security Notice 6636-1 - It was discovered that ClamAV incorrectly handled parsing certain OLE2 files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Amit Schendel discovered that the ClamAV ClamD service incorrectly handled the VirusEvent feature. An attacker able to connect to ClamD could possibly use this issue to execute arbitrary code.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6635-1

Ubuntu Security Notice 6635-1 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0827-03

Red Hat Security Advisory 2024-0827-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Advisory Files ≈ Packet Storm

Red Hat Security Advisory 2024-0820-03

Red Hat Security Advisory 2024-0820-03 - Red Hat Advanced Cluster Management for Kubernetes 2.8.5 General Availability release images, which provide security updates and fix bugs. Issues addressed include denial of service and traversal vulnerabilities.

Full Disclosure

44CON 2024 September 18th - 20th CFP

Posted by Florent Daigniere via Fulldisclosure on Feb 15

44CON is the UK's largest combined annual Security Conference and
Training event. Taking place 18,19,20 of September at the
Novotel London West near Hammersmith, London. We will have a fully
dedicated conference facility, including catering, private bar, amazing
coffee and a daily Gin O’Clock break.

        _  _
/_//_//  / //\ /  | 18th - 20th September 2024
 /  //_,/_//  /   | Novotel London West, London

   -=-...

Exploit-DB Updates

[webapps] SISQUALWFM 7.1.319.103 - Host Header Injection

SISQUALWFM 7.1.319.103 - Host Header Injection

Exploit-DB Updates

[webapps] Metabase 0.46.6 - Pre-Auth Remote Code Execution

Metabase 0.46.6 - Pre-Auth Remote Code Execution

Exploit-DB Updates

[local] DS Wireless Communication - Remote Code Execution

DS Wireless Communication - Remote Code Execution

Advisory Files ≈ Packet Storm

Debian Security Advisory 5621-1

Debian Linux Security Advisory 5621-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation, which may result in denial of service.

Advisory Files ≈ Packet Storm

Debian Security Advisory 5620-1

Debian Linux Security Advisory 5620-1 - Two vulnerabilities were discovered in unbound, a validating, recursive, caching DNS resolver. Specially crafted DNSSEC answers could lead unbound down a very CPU intensive and time costly DNSSEC (CVE-2023-50387) or NSEC3 hash (CVE-2023-50868) validation path, resulting in denial of service.

Advisory Files ≈ Packet Storm

OX App Suite 7.10.6 Cross Site Scirpting / Denial Of Service

Varying revisions of OX App Suite version 7.10.6 suffer from cross site scripting and resource consumption vulnerabilities.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6608-2

Ubuntu Security Notice 6608-2 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6626-2

Ubuntu Security Notice 6626-2 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6629-2

Ubuntu Security Notice 6629-2 - USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.

Advisory Files ≈ Packet Storm

Google Android Passkey Deletion / Confusion

The Google Passkey Manager on Android appears to have inconsistent messaging for deletion of data along with other varying issues that lead us to believe it's not ready for prime time.

Advisory Files ≈ Packet Storm

Ubuntu Security Notice USN-6629-1

Ubuntu Security Notice 6629-1 - It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.