FEDORA-2023-ebbe7e9887
Packages in this update:
netconsd-0.4-1.fc37
Update description:
Update to 0.4
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, perform cross-site
tracing, or execute arbitrary code. (CVE-2023-5724, CVE-2023-5728,
CVE-2023-5730, CVE-2023-5732)
Kelsey Gilbert discovered that Thunderbird did not properly manage certain
browser prompts and dialogs due to an insufficient activation-delay. An
attacker could potentially exploit this issue to perform clickjacking.
(CVE-2023-5721)
Shaheen Fazim discovered that Thunderbird did not properly validate the URLs
opened by an installed WebExtension. An attacker could potentially exploit this
issue to obtain sensitive information. (CVE-2023-5725)
Workers wonder if their colleagues are actually AI, and we take a deeper look into the curious scams going on via Booking.com.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
An out-of-bounds write was discovered in the MMS demuxer of the VLC media
player.
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
What is Citrix NetScaler ADC and NetScaler Gateway?
Citrix NetScaler ADC, previously known as Citrix ADC, is an Application Delivery Controller (ADC) designed to achieve secure and optimized network traffic.
Citrix NetScaler Gateway, previously known as Citrix Gateway, is an SSL-VPN solution designed to provide secure and optimized remote access.
What is the Attack?
According to the blog published by Citrix, CVE-2023-4966 is a buffer overflow vulnerability that can result in unauthorized data disclosure on Citrix NetScaler ADC and NetScaler Gateway products.
These products have this weakness when configured as a gateway or as an authentication, authorization and auditing (AAA) virtual server. The advisory also states that the vulnerability is rated critical and that no workarounds are available. Only an upgrade of the affected products can mitigate the attack.
Why is this Significant?
This is significant because the Citrix blog acknowledged that CVE-2023-4966 has been exploited in the wild. Also, CISA added the vulnerability to the Known Exploited Vulnerabilities Catalog on Oct 18th.
The vulnerability was discovered earlier by their internal team and the advisory and related patches were published on Oct 10th.
FortiGuard Labs has protection available for the vulnerability and is seeing several thousand attempts to exploit it.
What is the Vendor Solution?
Citrix has made relevant updates for the affected products available since Oct 10th.
What FortiGuard Coverage is available?
FortiGuard Labs has an IPS signature, “HTTP.Header.Overly.Long.Host.Field.Value” (with the default action set to “block”), in place for CVE-2023-4966.
FortiGuard Labs advises users to install the relevant updated version of NetScaler ADC and NetScaler as soon as possible.
Kyle Zeng discovered that the netfilter subsystem in the Linux kernel
contained a race condition in IP set operations in certain situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-42756)
Alex Birnberg discovered that the netfilter subsystem in the Linux kernel
did not properly validate register length, leading to an out-of-bounds
write vulnerability. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-4881)
It was discovered that the Quick Fair Queueing scheduler implementation in
the Linux kernel did not properly handle network packets in certain
conditions, leading to a use after free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-4921)
Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly handle removal of rules from chain bindings in certain
circumstances, leading to a use-after-free vulnerability. A local attacker
could possibly use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2023-5197)
At CIS, we are innovators in developing prioritized guidance that is proven to help organizations mitigate cyber risk. Here’s how we do it.