Category Archives: Advisories

unrealircd-6.0.3-1.fc36

Read Time:1 Minute, 59 Second

FEDORA-2022-c51b3a7f19

Packages in this update:

unrealircd-6.0.3-1.fc36

Update description:

UnrealIRCd 6.0.3

A number of serious issues were discovered in UnrealIRCd 6. Among these is an issue which will likely crash the IRCd sooner or later if you /REHASH with any active clients connected.

Fixes

Crash in WATCH if the IRCd has been rehashed at least once. After doing a REHASH with active clients it will likely corrupt memory. It may take several days until after the rehash for the crash to occur, or even weeks/months on smaller networks (accidental triggering, that is).
A REHASH with certain remote includes setups could cause a crash or other weird and confusing problems such as complaining about unable to open an ipv6-database or missing snomask configuration. This only affected some people with remote includes, not all.
Potential out-of-bounds write in sending code. In practice it seems harmless on most servers but this cannot be 100% guaranteed.
Unlikely triggered log message would log uninitialized stack data to the log file or send it to ircops.
Channel ops could not remove halfops from a user (-h).
After using the RESTART command (not recommended) the new IRCd was often no longer writing to log files.
Fix compile problem if you choose to use cURL remote includes but don’t have cURL on the system and ask UnrealIRCd to compile cURL.

Enhancements

The default text log format on disk changed. It now includes the server name where the event was generated. Without this, it was sometimes difficult to trace problems, since previously it sometimes looked like there was a problem on your server when it was actually another server on the network.
Old log format: [DATE TIME] subsystem.EVENT_ID loglevel: ……..
New log format: [DATE TIME] servername subsystem.EVENT_ID loglevel: ……..

Changes

Any MOTD lines added by services via SVSMOTD are now shown at the end of the MOTD-on-connect (unless using a shortmotd). Previously the lines were only shown if you manually ran the MOTD command.

Protocol

LIST C<xx now means: filter on channels that are created less than xx minutes ago. This is the opposite of what we had earlier. LIST T<xx is now supported as well (topic changed in last xx minutes), it was already advertised in ELIST but support was not enabled previously.

Read More

unrealircd-6.0.3-1.el9

Read Time:1 Minute, 59 Second

FEDORA-EPEL-2022-e43d93b6a0

Packages in this update:

unrealircd-6.0.3-1.el9

Update description:

UnrealIRCd 6.0.3

A number of serious issues were discovered in UnrealIRCd 6. Among these is an issue which will likely crash the IRCd sooner or later if you /REHASH with any active clients connected.

Fixes

Crash in WATCH if the IRCd has been rehashed at least once. After doing a REHASH with active clients it will likely corrupt memory. It may take several days until after the rehash for the crash to occur, or even weeks/months on smaller networks (accidental triggering, that is).
A REHASH with certain remote includes setups could cause a crash or other weird and confusing problems such as complaining about unable to open an ipv6-database or missing snomask configuration. This only affected some people with remote includes, not all.
Potential out-of-bounds write in sending code. In practice it seems harmless on most servers but this cannot be 100% guaranteed.
Unlikely triggered log message would log uninitialized stack data to the log file or send it to ircops.
Channel ops could not remove halfops from a user (-h).
After using the RESTART command (not recommended) the new IRCd was often no longer writing to log files.
Fix compile problem if you choose to use cURL remote includes but don’t have cURL on the system and ask UnrealIRCd to compile cURL.

Enhancements

The default text log format on disk changed. It now includes the server name where the event was generated. Without this, it was sometimes difficult to trace problems, since previously it sometimes looked like there was a problem on your server when it was actually another server on the network.
Old log format: [DATE TIME] subsystem.EVENT_ID loglevel: ……..
New log format: [DATE TIME] servername subsystem.EVENT_ID loglevel: ……..

Changes

Any MOTD lines added by services via SVSMOTD are now shown at the end of the MOTD-on-connect (unless using a shortmotd). Previously the lines were only shown if you manually ran the MOTD command.

Protocol

LIST C<xx now means: filter on channels that are created less than xx minutes ago. This is the opposite of what we had earlier. LIST T<xx is now supported as well (topic changed in last xx minutes), it was already advertised in ELIST but support was not enabled previously.

Read More

Post Title

Read Time:19 Second

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for local code execution. Successful exploitation of the most severe vulnerability could allow an attacker to execute code in the context of the kernel. Malicious actors with administrative access may be able to install programs; view, change, or delete data; or create new accounts with full user rights.

Read More

CVE-2019-14839

Read Time:9 Second

It was observed that while login into Business-central console, HTTP request discloses sensitive information like username and password when intercepted using some tool like burp suite etc.

Read More

CVE-2020-14479

Read Time:8 Second

Sensitive information can be obtained through the handling of serialized data. The issue results from the lack of proper authentication required to query the server

Read More

CVE-2020-25691

Read Time:11 Second

A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of-service by accessing a file with a large modification date. The highest threat from this vulnerability is to system availability.

Read More

CVE-2021-20238

Read Time:41 Second

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint (port 22623) provides ignition configuration used for bootstrapping Nodes and can include some sensitive data, e.g. registry pull secrets. There are two scenarios where this data can be accessed. The first is on Baremetal, OpenStack, Ovirt, Vsphere and KubeVirt deployments which do not have a separate internal API endpoint and allow access from outside the cluster to port 22623 from the standard OpenShift API Virtual IP address. The second is on cloud deployments when using unsupported network plugins, which do not create iptables rules that prevent to port 22623. In this scenario, the ignition config is exposed to all pods within the cluster and cannot be accessed externally.

Read More

CVE-2021-20295

Read Time:33 Second

It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756, refer to bug 1835986 or the CVE page: https://access.redhat.com/security/cve/CVE-2020-10756.

Read More

CVE-2021-22277

Read Time:11 Second

Improper Input Validation vulnerability in ABB 800xA, Control Software for AC 800M, Control Builder Safe, Compact Product Suite – Control and I/O, ABB Base Software for SoftControl allows an attacker to cause the denial of service.

Read More

CVE-2022-26233: Barco Control Room Management Suite File Path Traversal Vulnerability

Read Time:21 Second

Posted by Murat Aydemir on Apr 01

*I. SUMMARY*
Title: [CVE-2022-2623] Barco Control Room Management Suite File Path
Traversal Vulnerability
Product: Barco Control Room Management Suite before 2.9 build 0275 and all
prior versions
Vulnerability Type: File Path Traversal
Credit by/Researcher: Murat Aydemir from Accenture Cyber Security Team
(Prague CFC)
Contact: https://twitter.com/mrtydmr75
Github: https://github.com/murataydemir

*II. CVE REFERENCE, CVSS SCORES &…

Read More