Category Archives: Advisories

Advisories

unbound-1.16.2-3.fc35

Read Time:15 Second

FEDORA-2022-0a914d5c6b

Packages in this update:

unbound-1.16.2-3.fc35

Update description:

sync up to upstream unbound.conf, Enable Extended DNS Error codes (RFC8914)

Fixes CVE-2022-30698 and CVE-2022-30699

Start unbound-keygen.service each time unbound starts if files are not already present.

Read More

Advisories

unbound-1.16.2-3.fc36

Read Time:11 Second

FEDORA-2022-f89beb0640

Packages in this update:

unbound-1.16.2-3.fc36

Update description:

sync up to upstream unbound.conf, Enable Extended DNS Error codes (RFC8914)

Fixes CVE-2022-30698 and CVE-2022-30699

Read More

Advisories

unbound-1.16.2-2.fc35

Read Time:11 Second

FEDORA-2022-28fbfb87ef

Packages in this update:

unbound-1.16.2-2.fc35

Update description:

Fixes CVE-2022-30698 and CVE-2022-30699

Start unbound-keygen.service each time unbound starts if files are not already present.

Read More

Advisories

Multiple Vulnerabilities in Exim Could Allow for Remote Code Execution

Read Time:24 Second

Multiple vulnerabilities have been discovered in Exim, the most severe of which could allow for remote code execution. Exim is a mail transfer agent used to deploy mail servers on Unix-like systems. Successful exploitation of the most severe of these vulnerabilities will enable the attacker to perform command execution as root in the context of the mail server. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Read More

Advisories

Multiple Vulnerabilities in Exim Could Allow for Remote Code Execution

Read Time:24 Second

Multiple vulnerabilities have been discovered in Exim, the most severe of which could allow for remote code execution. Exim is a mail transfer agent used to deploy mail servers on Unix-like systems. Successful exploitation of the most severe of these vulnerabilities will enable the attacker to perform command execution as root in the context of the mail server. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Read More

Advisories

Backdoor.Win32.Guptachar.20 / Insecure Credential Storage

Read Time:19 Second

Posted by malvuln on Aug 08

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source:
https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Backdoor.Win32.Guptachar.20
Vulnerability: Insecure Credential Storage
Description: The malware runs a web server on TCP port 2015 (default) and
uses BASIC authentication. The credentials “hacker01:imchampgr8” get stored
in a…

Read More