Google has highlighted sophisticated spearphishing attacks by Iranian state actor APT42 targeting individuals associated with the US Presidential campaign
Daily Archives: August 15, 2024
python-webob-1.8.8-1.fc40
FEDORA-2024-6df8e979fd
Packages in this update:
python-webob-1.8.8-1.fc40
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
python-webob-1.8.8-1.fc39
FEDORA-2024-8421f30719
Packages in this update:
python-webob-1.8.8-1.fc39
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
python-webob-1.8.8-1.el9
FEDORA-EPEL-2024-f9387068fe
Packages in this update:
python-webob-1.8.8-1.el9
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
python-webob-1.8.8-1.el8
FEDORA-EPEL-2024-ee61987af9
Packages in this update:
python-webob-1.8.8-1.el8
Update description:
Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
SolarWinds Urges Upgrade After Revealing Critical RCE Bug
SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk
python-webob-1.8.8-1.fc41
FEDORA-2024-b4c4fd0879
Packages in this update:
python-webob-1.8.8-1.fc41
Update description:
Automatic update for python-webob-1.8.8-1.fc41.
Changelog
* Thu Aug 15 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> – 1.8.8-1
– Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
– pypi_source constructed manually according to project/name case inconsistency
– only require legacy-cgi on on systems where it’s present
– remove python3.9 patch (applied upstream)
python-webob-1.8.8-1.fc42
FEDORA-2024-3e0d8c04fc
Packages in this update:
python-webob-1.8.8-1.fc42
Update description:
Automatic update for python-webob-1.8.8-1.fc42.
Changelog
* Thu Aug 15 2024 Ján ONDREJ (SAL) <ondrejj(at)salstar.sk> – 1.8.8-1
– Update to upstream. Fix open redirect issue in 1.8-branch rhbz#2305065
– pypi_source constructed manually according to project/name case inconsistency
– only require legacy-cgi on on systems where it’s present
– remove python3.9 patch (applied upstream)
Microsoft Multiple Actively Exploited Vulnerabilities
What are the Vulnerabilities?Threat actors are exploiting multiple zero-day vulnerabilities that were recently disclosed on the Microsoft Security Patch Tuesday- August, 2024. The six actively exploited zero-day vulnerabilities were also added to CISA’s Known Exploited Vulnerabilities catalog (KEV) after the disclosure. [August 2024 Security Updates- Release Notes- Microsoft]• CVE-2024-38189: Microsoft Project Remote Code Execution Vulnerability• CVE-2024-38178: Microsoft Windows Scripting Engine Memory Corruption Vulnerability• CVE-2024-38213: Microsoft Windows SmartScreen Security Feature Bypass Vulnerability• CVE-2024-38193: Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability• CVE-2024-38106: Microsoft Windows Kernel Privilege Escalation Vulnerability• CVE-2024-38107: Microsoft Windows Power Dependency Coordinator Privilege Escalation VulnerabilityWhat is the recommended Mitigation?Microsoft has released security updates for these actively exploited vulnerabilities along with other publicly disclosed vulnerabilities. Please see Appendix for the Individual Microsoft Security update guide.What FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by Microsoft immediately to secure their systems.FortiGuard Endpoint Vulnerability Service provides a systematic and automated method of patching applications on an endpoint, eliminating manual processes while reducing the attack surface.Endpoint Vulnerability | FortiGuard LabsFortiGuard IPS Signatures are available for protection against the exploitation of vulnerabilities where applicable. Intrusion Prevention | CVE-2024-38178 Intrusion Prevention | CVE-2024-38193Intrusion Prevention | CVE-2024-38106The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
ZDI-24-1149: Ivanti Avalanche deleteSkin Directory Traversal Arbitrary File Deletion Vulnerability
This vulnerability allows remote attackers to delete arbitrary files on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2024-38652.