An integer overflow flaw was discovered in the CRL parser in libksba, an
X.509 and CMS support library, which could result in denial of service
or the execution of arbitrary code.
Yearly Archives: 2022
CyberDanube Security Research 20221009-0 | Authenticated Command Injection in Intelbras WiFiber 120AC inMesh
Posted by Thomas Weber on Oct 16
CyberDanube Security Research 20221009-0
-------------------------------------------------------------------------------
title| Authenticated Command Injection
product| Intelbras WiFiber 120AC inMesh
vulnerable version| 1.1-220216
fixed version| 1-1-220826
CVE number|
impact| High
homepage|…
Backdoor.Win32.DarkSky.23 / Remote Stack Buffer Overflow (SEH)
Posted by malvuln on Oct 16
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/1164ef21ef2af97e0339359c0dce5e7d.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.DarkSky.23
Vulnerability: Remote Stack Buffer Overflow (SEH)
Description: The malware listens on TCP port 5418. Third-party adversaries
who can reach the server can send a specially crafted payload triggering a
stack…
APPLE-SA-2022-10-10-1 iOS 16.0.3
Posted by Apple Product Security via Fulldisclosure on Oct 16
APPLE-SA-2022-10-10-1 iOS 16.0.3
iOS 16.0.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213480.
Mail
Available for: iPhone 8 and later
Impact: Processing a maliciously crafted email message may lead to a
denial-of-service
Description: An input validation issue was addressed with improved
input validation.
CVE-2022-22658
This update is available through iTunes and…
Re: over 2000 packages depend on abort()ing libgmp
Posted by Matthew Fernandez on Oct 16
I am not quite sure what point you’re making. CVE-2021-43618 is a
different issue; a programming error that results in a segfault. I.e.
even if an application using libgmp supplied their own allocator,¹ they
could still experience segfaults when dealing with malicious input.
The case you brought to FD (IIUC) is an input including large numbers
that causes libgmp to exhaust memory when dealing with them. In this
case, an application…
Re: over 2000 packages depend on abort()ing libgmp
Posted by Georgi Guninski on Oct 16
Observe that Ubuntu issued an advisory about a libgmp crash
without mentioning potential exploitability.
quote:
https://ubuntu.com/security/notices/USN-5672-1
Details
12 October 2022
It was discovered that GMP did not properly manage memory
on 32-bit platforms when processing a specially crafted
input. An attacker could possibly use this issue to cause
applications using GMP to crash, resulting in a denial of
service.
References
CVE-2021-43618
Apple Music Android Application – MITM SSL Certificate Vulnerability (CVE-2022-32906)
Posted by David Coomber on Oct 16
Apple Music Android Application – MITM SSL Certificate Vulnerability
(CVE-2022-32906)
https://www.info-sec.ca/advisories/Apple-Music-Android.html
Overview
“Stream over 90 million songs, all ad-free.”
(https://play.google.com/store/apps/details?id=com.apple.android.music)
Issue
The Apple Music Android application (versions 3.8.0 – 3.10.2 were
tested, versions 2.0.1 – 3.7.2 have not been tested
[…