FEDORA-2024-c07c365ba7
Packages in this update:
yt-dlp-2024.07.07-1.fc39
Update description:
Update to 2024.07.07
Update to 2024.07.02
ProPublica has a long investigative article on how the Cyber Safety Review Board failed to investigate the SolarWinds attack, and specifically Microsoft’s culpability, even though it was directed by President Biden to do so.
Marc Stern discovered that the Apache HTTP Server incorrectly handled
serving WebSocket protocol upgrades over HTTP/2 connections. A remote
attacker could possibly use this issue to cause the server to crash,
resulting in a denial of service. (CVE-2024-36387)
Orange Tsai discovered that the Apache HTTP Server mod_proxy module
incorrectly sent certain request URLs with incorrect encodings to backends.
A remote attacker could possibly use this issue to bypass authentication.
(CVE-2024-38473)
Orange Tsai discovered that the Apache HTTP Server mod_rewrite module
incorrectly handled certain substitutions. A remote attacker could possibly
use this issue to execute scripts in directories not directly reachable
by any URL, or cause a denial of service. Some environments may require
using the new UnsafeAllow3F flag to handle unsafe substitutions.
(CVE-2024-38474, CVE-2024-38475, CVE-2024-39573)
Orange Tsai discovered that the Apache HTTP Server incorrectly handled
certain response headers. A remote attacker could possibly use this issue
to obtain sensitive information, execute local scripts, or perform SSRF
attacks. (CVE-2024-38476)
Orange Tsai discovered that the Apache HTTP Server mod_proxy module
incorrectly handled certain requests. A remote attacker could possibly use
this issue to cause the server to crash, resulting in a denial of service.
(CVE-2024-38477)
It was discovered that the Apache HTTP Server incorrectly handled certain
handlers configured via AddType. A remote attacker could possibly use this
issue to obtain source code. (CVE-2024-39884)
krb5-1.21.2-6.fc41
Automatic update for krb5-1.21.2-6.fc41.
* Mon Jul 8 2024 Julien Rische <jrische@redhat.com> - 1.21.2-6
- CVE-2024-37370 CVE-2024-37371: GSS message token handling
  Resolves: rhbz#2294678 rhbz#2294680
- Fix double free in klist's show_ccache()
  Resolves: rhbz#2257301
- Do not include files with "~" termination in krb5-tests
The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces
Trend Micro said the trojan has been observed masquerading as communications from tax agencies
OpenAI’s ever-so-clever ChatGPT’s software was doing something really-rather-stupid: storing users’ chats on their Mac computers in plaintext.
Read more in my article on the Hot for Security blog.
Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated
The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens
Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image
processing. An authenticated user could use this issue to access arbitrary
files on the server, possibly exposing sensitive information.