Daily Archives: August 2, 2022
golang-1.18.5-1.fc36
FEDORA-2022-1f829990f0
Packages in this update:
golang-1.18.5-1.fc36
Update description:
go1.18.5 includes security fixes to the encoding/gob and math/big packages, as well as bug fixes to the compiler, the go command, the runtime, and the testing package.
ZDI-22-1038: Lexmark MC3224i Firmware Downgrade Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability.
ZDI-22-1036: NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-22-1037: NetBSD Kernel getkerninfo System Call Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of NetBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Traceable AI adds eBPF to security platform for deeper API observability and visibility
API security firm Traceable AI has announced the addition of extended Berkeley Packet Filter (eBPF) data to its platform to enhance API observability and visibility. eBPF is a technology that makes it possible to run special programs deep inside the Linux operating system in an isolated way.
A variant of BPF, it has become a universal in-kernel virtual machine that allows teams to collect data from Linux applications and network resources more easily and efficiently. By adding eBPF data to its platform, Traceable AI said it is helping CISOs, DevSecOps, and DevOps teams improve API security postures without the need to change kernel source code or add instrumentation.
Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command Execution
Posted by malvuln on Aug 01
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 6969. Third-party adversaries
who can reach infected hosts can run commands made available by the…
Backdoor.Win32.Destrukor.20 / Authentication Bypass
Posted by malvuln on Aug 01
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/c790749f851d48e66e7d59cc2e451956.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.Destrukor.20
Vulnerability: Authentication Bypass
Description: The malware listens on TCP port 6969. However, after sending a
specific cmd “rozmiar” the backdoor returns “moznasciagac” in Polish…
DSA-5198 jetty9 – security update
Two security vulnerabilities were discovered in Jetty, a Java servlet engine
and webserver.