Read Time:5 Second
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login.
Yearly Archives: 2023
CVE-2020-19319
Read Time:5 Second
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login.
USN-6339-3: Linux kernel vulnerabilities
Read Time:1 Minute, 38 Second
It was discovered that the NTFS file system implementation in the Linux
kernel did not properly validate MFT flags in certain situations. An
attacker could use this to construct a malicious NTFS image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2022-48425)
Zi Fan Tan discovered that the binder IPC implementation in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-21255)
It was discovered that a race condition existed in the f2fs file system in
the Linux kernel, leading to a null pointer dereference vulnerability. An
attacker could use this to construct a malicious f2fs image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-2898)
It was discovered that the DVB Core driver in the Linux kernel did not
properly handle locking events in certain situations. A local attacker
could use this to cause a denial of service (kernel deadlock).
(CVE-2023-31084)
Yang Lan discovered that the GFS2 file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious GFS2 image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-3212)
It was discovered that the KSMBD implementation in the Linux kernel did not
properly validate buffer sizes in certain operations, leading to an out-of-
bounds read vulnerability. A remote attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information.
(CVE-2023-38426, CVE-2023-38428)
It was discovered that the KSMBD implementation in the Linux kernel did not
properly calculate the size of certain buffers. A remote attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-38429)
CVE-2020-19318
Read Time:10 Second
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.
USN-6237-3: curl vulnerabilities
Read Time:40 Second
USN-6237-1 fixed several vulnerabilities in curl. This update provides the
corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and
Ubuntu 18.04 LTS.
Original advisory details:
Hiroki Kurosawa discovered that curl incorrectly handled validating certain
certificate wildcards. A remote attacker could possibly use this issue to
spoof certain website certificates using IDN hosts. (CVE-2023-28321)
Hiroki Kurosawa discovered that curl incorrectly handled callbacks when
certain options are set by applications. This could cause applications
using curl to misbehave, resulting in information disclosure, or a denial
of service. (CVE-2023-28322)
It was discovered that curl incorrectly handled saving cookies to files. A
local attacker could possibly use this issue to create or overwrite files.
This issue only affected Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-32001)
A Vulnerability in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software Could Allow for Unauthorized Access
Read Time:46 Second
A vulnerability has been discovered in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) software that could allow for unauthorized access. Cisco Adaptive Security Appliance (ASA) Software is the core operating system for the Cisco ASA Family. It delivers enterprise-class firewall capabilities for ASA devices in an array of form factors for any distributed network environment. Cisco Firepower Threat Defense (FTD) Software is an integrative software image combining CISCO ASA and Firepower feature into one hardware and software inclusive system to assist in flagging specific network traffic patterns, create alerts and better control your network. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. Utilizing the brute force attack to obtain valid credentials, an attacker could use this to establish unauthorized VPN sessions and then install ransomware.
Cuba Ransomware Group Unleashes Undetectable Malware
Read Time:5 Second
Kaspersky found suspicious files in December 2022 which activated the komar65 library known as BUGHATCH
Lazarus Group Targets macOS in Supply Chain Assault
Read Time:6 Second
ESET explained the impact of the supply chain attack translated to a 16.8% increase in Trojan detections
USN-6164-2: c-ares vulnerabilities
Read Time:30 Second
USN-6164-1 fixed several vulnerabilities in c-ares. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Hannes Moesl discovered that c-ares incorrectly handled certain ipv6
addresses. An attacker could use this issue to cause c-ares to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2023-31130)
Xiang Li discovered that c-ares incorrectly handled certain UDP packets. A
remote attacker could possibly use this issue to cause c-res to crash,
resulting in a denial of service. (CVE-2023-32067)
Pentagon Urges Collaboration in Cyber Defense
Read Time:3 Second
Beavers emphasized ongoing modernization initiatives for IT architecture and user experience