USN-5651-1 fixed a vulnerability in strongSwan. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and
and CRL distribution points (CDP) in certificates. A remote attacker could
possibly use this issue to initiate IKE_SAs and send crafted certificates
that contain URIs pointing to servers under their control, which can lead
to a denial-of-service attack.
Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers. Microsoft confirmed the flaws late last week and published mitigation advice until a complete patch can be developed, but according to reports, the proposed mitigation can be easily bypassed.
The new vulnerabilities were discovered in early August by a Vietnamese security company called GTSC while performing security monitoring and incident response for a customer whose servers were attacked. Initially, the GTSC researchers thought they might be dealing with a ProxyShell exploit based on the malicious requests seen in the server logs which looked similar. ProxyShell is an attack that chains three Exchange vulnerabilities and was patched last year.
Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and
and CRL distribution points (CDP) in certificates. A remote attacker could
possibly use this issue to initiate IKE_SAs and send crafted certificates
that contain URIs pointing to servers under their control, which can lead
to a denial-of-service attack.
USN-5614-1 fixed a vulnerability in Wayland. This update
provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Wayland incorrectly handled reference counting
certain objects. An attacker could use this issue to cause Wayland to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Hackers have leaked data stolen from the United States’s second-largest school district, after the Los Angeles Unified School District (LAUSD) announced it would not be giving in to ransom demands.
Read more in my article on the Hot for Security blog.
It was discovered that the framebuffer driver on the Linux kernel did not
verify size limits when changing font or screen size, leading to an out-of-
bounds write. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-33655)
Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter
subsystem in the Linux kernel did not properly handle rules that truncated
packets below the packet header size. When such rules are in place, a
remote attacker could possibly use this to cause a denial of service
(system crash). (CVE-2022-36946)
Here are six essential questions that organizations should continually ask themselves to build and scale an effective, sustainable cybersecurity plan. […]
Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.
