An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead
to a segmentation fault and denial of service. This occurs in
bgp_capability_msg_parse in bgpd/bgp_packet.c.
Category Archives: Advisories
DSA-5361 tiff – security update
Several flaws were found in tiffcrop, a program distributed by tiff, the Tag
Image File Format (TIFF) library and tools. A specially crafted tiff file
can lead to an out-of-bounds write or read resulting in a denial of service.
perl-HTTP-Daemon-6.15-1.fc38
FEDORA-2023-d04facf6ce
Packages in this update:
perl-HTTP-Daemon-6.15-1.fc38
Update description:
6.15 2023-02-22 22:02:46Z
- Fix CVE-2022-31081: Inconsistent Interpretation of HTTP Requests
  - Correctly handle multiple Content-Length headers and its variants (Theo van Hoesel)
  - Closes "Discrepancies in the Parsing of Content Length header …" (GH#56) (blessingcharles)
- kill test server with KILL rather than QUIT (GH#63) (Graham Knop)
- Create TestServer test lib for running daemon process (GH#62) (Graham Knop)
- Clean up tests (GH#61) (Graham Knop)
USN-5884-1: Linux kernel (AWS) vulnerabilities
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local attacker could use this to expose sensitive
information. (CVE-2021-4155)
Lee Jones discovered that a use-after-free vulnerability existed in the
Bluetooth implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2022-20566)
Duoming Zhou discovered that a race condition existed in the SLIP driver in
the Linux kernel, leading to a null pointer dereference vulnerability. An
attacker could use this to cause a denial of service (system crash).
(CVE-2022-41858)
Tamás Koczka discovered that the Bluetooth L2CAP implementation in the
Linux kernel did not properly initialize memory in some situations. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-42895)
José Oliveira and Rodrigo Branco discovered that the prctl syscall
implementation in the Linux kernel did not properly protect against
indirect branch prediction attacks in some situations. A local attacker
could possibly use this to expose sensitive information. (CVE-2023-0045)
It was discovered that the RNDIS USB driver in the Linux kernel contained
an integer overflow vulnerability. A local attacker with physical access
could plug in a malicious USB device to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2023-23559)
Defense in depth — the Microsoft way (part 82): INVALID/BOGUS AppLocker rules disable SAFER on Windows 11 22H2
Posted by Stefan Kanthak on Feb 22
Hi @ll,
in Windows 11 22H2, some imbeciles from Redmond added the following
(of course WRONG and INVALID) registry entries and keys which they
dare to ship to their billion world-wide users:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Srp\Gp]
"RuleCount"=dword:00000002
"LastWriteTime"=hex(b):01,00,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Srp\Gp\DLL]
JFTR: the time stamp is 100ns past…
Multiple vulnerabilities in Audiocodes Device Manager Express
Posted by Eric Flokstra on Feb 22
# Product Name: Device Manager Express
# Vendor Homepage: https://www.audiocodes.com
# Software Link:
https://www.audiocodes.com/solutions-products/products/management-products-solutions/device-manager
# Version: <= 7.8.20002.47752
# Tested on: Windows 10 / Server 2019
# Default credentials: admin/admin
# CVE-2022-24627, CVE-2022-24628, CVE-2022-24629, CVE-2022-24630,
CVE-2022-24631, CVE-2022-24632
# Exploit:…
Sumo Logic keep api credentials on endpoints
Posted by dammitjosie— via Fulldisclosure on Feb 22
security bug:
go sumologic.com (big company, many customer)
make free account
log in account, make access key – help.sumologic.com/docs/manage/security/access-keys/
<http://help.sumologic.com/docs/manage/security/access-keys/>
download collector for windows –
help.sumologic.com/docs/send-data/installed-collectors/collector-installation-reference/download-collector-from-static-url/
<…
DSA-5358 asterisk – security update
Multiple security vulnerabilities have been discovered in Asterisk, an Open
Source Private Branch Exchange. Buffer overflows and other programming errors
could be exploited for launching a denial of service attack or the execution of
arbitrary code.
DSA-5357 git – security update
Several vulnerabilities have been discovered in git, a fast, scalable,
distributed revision control system.
DSA-5360 emacs – security update
Xi Lu discovered that missing input sanitising in Emacs (in etags, the
Ruby mode and htmlfontify) could result in the execution of arbitrary
shell commands.