Category Archives: Advisories

Advisories

[asterisk-dev] Asterisk Security Release 21.6.1

Read Time:21 Second

Posted by Asterisk Development Team on Jan 15

The Asterisk Development Team would like to announce security release
Asterisk 21.6.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/21.6.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 21.6.1

## Change Log for Release asterisk-21.6.1

### Links:

– [Full ChangeLog](…

Read More

Advisories

[asterisk-dev] Asterisk Security Release 20.11.1

Read Time:21 Second

Posted by Asterisk Development Team on Jan 15

The Asterisk Development Team would like to announce security release
Asterisk 20.11.1.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.11.1
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 20.11.1

## Change Log for Release asterisk-20.11.1

### Links:

– [Full ChangeLog](…

Read More

Advisories

Rsync File Synchronization Tool Vulnerabilities

Read Time:1 Minute, 15 Second

What are the Vulnerabilities?Six security vulnerabilities have been disclosed in the popular Rsync tool, an open-source file synchronization and data transferring tool utilized for its ability to perform incremental transfers, reducing data transfer times and bandwidth usage. Several popular backup software such as Rclone, DeltaCopy, and ChronoSync use Rsync for file synchronization. The vulnerabilities are present within versions 3.3.0 and below and includes heap-buffer overflow, information disclosure, file leak, external directory file-write, and symbolic-link race condition. CVE-2024-12084- Heap-buffer overflow in Rsync due to improper checksum length handling CVE-2024-12085- Information leak via uninitialized stack contents CVE-2024-12086- Rsync server leaks arbitrary client files CVE-2024-12087- Path traversal vulnerability in Rsync CVE-2024-12088- Safe-links option bypass that leads to path traversal CVE-2024-12747- Race condition in Rsync when handling symbolic linksCERT/CC also mentioned that an attacker could combine CVE-2024-12084 and CVE-2024-12085 to achieve arbitrary code execution on a client that has a Rsync server running. Read more at VU#952657What is the recommended Mitigation?Users are advised to apply the latest patches available at GitHub – RsyncProjectWhat FortiGuard Coverage is available?FortiGuard recommends users to apply the fix provided by the vendor and follow any mitigation as mentioned on VU#952657FortiGuard protection is being reviewed, and this Threat Signal will be updated accordingly as it becomes available.The FortiGuard Incident Response team can be engaged to help with any suspected compromise.

Read More

Advisories

USN-7173-3: Linux kernel (Raspberry Pi) vulnerabilities

Read Time:42 Second

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– Network drivers;
– SCSI subsystem;
– Ext4 file system;
– Bluetooth subsystem;
– Memory management;
– Amateur Radio drivers;
– Network traffic control;
– Sun RPC protocol;
– VMware vSockets driver;
(CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967,
CVE-2024-50264, CVE-2024-36952, CVE-2024-38553, CVE-2021-47101,
CVE-2021-47001, CVE-2024-35965, CVE-2024-35963, CVE-2024-35966,
CVE-2024-35967, CVE-2024-53057, CVE-2024-38597)

Read More

Advisories

Multiple Vulnerabilities in Rsync Could Allow for Remote Code Execution

Read Time:39 Second

Multiple vulnerabilities have been discovered in Rsync, the most severe of which could allow for remote code execution. Rsync is an open-source file synchronization and data transferring tool valued for its ability to perform incremental transfers, reducing data transfer times and bandwidth usage. The tool is utilized extensively by backup systems like Rclone, DeltaCopy, ChronoSync, public file distribution repositories, and cloud and server management operations. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

Advisories

USN-7204-1: NeoMutt vulnerabilities

Read Time:1 Minute, 36 Second

Jeriko One discovered that NeoMutt incorrectly handled certain IMAP
and POP3 responses. An attacker could possibly use this issue to
cause NeoMutt to crash, resulting in a denial of service, or
the execution of arbitrary code. This issue only affected
Ubuntu 18.04 LTS. (CVE-2018-14349, CVE-2018-14350, CVE-2018-14351,
CVE-2018-14352, CVE-2018-14353, CVE-2018-14354, CVE-2018-14355,
CVE-2018-14356, CVE-2018-14357, CVE-2018-14358, CVE-2018-14359,
CVE-2018-14362)

Jeriko One discovered that NeoMutt incorrectly handled certain
NNTP-related operations. An attacker could possibly use this issue
to cause NeoMutt to crash, resulting in denial of service, or
the execution of arbitrary code. This issue only affected
Ubuntu 18.04 LTS. (CVE-2018-14360, CVE-2018-14361, CVE-2018-14363)

It was discovered that NeoMutt incorrectly processed additional data
when communicating with mail servers. An attacker could possibly use
this issue to access senstive information. This issue only affected
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14954, CVE-2020-28896)

It was discovered that Neomutt incorrectly handled the IMAP QRSync
setting. An attacker could possibly use this issue to cause NeoMutt
to crash, resulting in denial of service. This issue only affected
Ubuntu 20.04 LTS. (CVE-2021-32055)

Tavis Ormandy discovered that NeoMutt incorrectly parsed uuencoded
text past the length of the string. An attacker could possibly use
this issue to enable the execution of arbitrary code. This issue
only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-1328)

It was discovered that NeoMutt did not properly encrypt email headers.
An attacker could possibly use this issue to receive emails that were
not intended for them and access sensitive information. This
vulnerability was only fixed in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
and Ubuntu 24.04 LTS. (CVE-2024-49393, CVE-2024-49394)

Read More