Posted by X41 D-Sec GmbH Advisories via Fulldisclosure on Sep 22
Advisory X41-2023-001: Two Vulnerabilities in OPNsense
===========================================================
Highest Severity Rating: High
Confirmed Affected Versions: 23.1.11_1, 23.7.3, 23.7.4
Confirmed Patched Versions: Commit 484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7
Vendor: Deciso B.V. / OPNsense
Vendor URL: https://opnsense.org
Credit: X41 D-Sec GmbH, Yasar Klawohn and JM
Status: Public
Advisory-URL:…
More Stories
USN-7015-1: Python vulnerabilities
It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could...
USN-7014-1: nginx vulnerability
It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive...
USN-7013-1: Dovecot vulnerabilities
It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this...
USN-7012-1: curl vulnerability
Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly,...
USN-7011-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause...
USN-6560-3: OpenSSH vulnerability
USN-6560-2 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It...