CVE-2022-27665

Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI.

Israeli cybersecurity firm launches managed services offering for MSPs

Israel-based managed cybersecurity provider Guardz has announced the general availability of its first cybersecurity offering for managed service providers (MSP) and IT professionals.

“The launch of this dedicated MSP platform brings Guardz one step closer to our goal of democratizing enterprise-grade level cybersecurity technologies,” said Dor Eisner, co-founder and CEO of Guardz. “MSPs will be able to give their clients the confidence that their business is secure from the inside out and gain complete visibility into their users’ cyber posture.”

Guardz’ namesake offering comes shortly after the company exited stealth in January with $10 million in seed funding. Company co-founder Eisner previously worked at the Israeli Military Intelligence as a cybersecurity team lead, while the other co-founder Alon Lavi was a staff sergeant at Israel Defense Forces before starting Guardz.

USN-5993-1: Samba vulnerabilities

Demi Marie Obenour discovered that the Samba LDAP server incorrectly
handled certain confidential attribute values. A remote authenticated
attacker could possibly use this issue to obtain certain sensitive
information. (CVE-2023-0614)

Andrew Bartlett discovered that the Samba AD DC admin tool incorrectly
sent passwords in cleartext. A remote attacker could possibly use this
issue to obtain sensitive information. (CVE-2023-0922)

podman-4.4.4-3.fc37

FEDORA-2023-c40519168b

Packages in this update:

podman-4.4.4-3.fc37

Update description:

Resolves: 2183639, 2183641 – use min conmon v2.1.7

Adjust tests for new Ansible

auto bump to v4.4.3

podman-4.4.4-3.fc38

FEDORA-2023-c6f82ee005

Packages in this update:

podman-4.4.4-3.fc38

Update description:

Resolves: 2183639, 2183641 – use min conmon v2.1.7

Adjust tests for new Ansible

auto bump to v4.4.3
