USN-7108-1 fixed vulnerabilities in AysncSSH. This update provides the
corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the extension info message. An attacker able to
intercept communications could possibly use this issue to downgrade
the algorithm used for client authentication. (CVE-2023-46445)
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the user authentication request message. An
attacker could possibly use this issue to control the remote end of an SSH
client session via packet injection/removal and shell emulation.
(CVE-2023-46446)
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46908.
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46907.
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46905.
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46906.
This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.0. The following CVEs are assigned: CVE-2024-12552.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of GeoVision GV-ASManager. Although authentication is required to exploit this vulnerability, default guest credentials may be used. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2024-12553.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. However, only systems with ksmbd enabled are vulnerable. The ZDI has assigned a CVSS rating of 8.5.
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
What is the attack?Two security flaws in Mitel MiCollab, CVE-2024–35286 and CVE-2024–41713, have been found and are being actively exploited, putting many organizations at risk. These vulnerabilities allow attackers bypass authentication and access files on affected servers, revealing sensitive information that could expose organizations to serious security risks. Mitel MiCollab is a popular solution that combines voice calling, video calling, chat, file sharing, screen sharing, and more into one platform for enterprise communications.What is the recommended Mitigation?Mitel has released fixes for the vulnerabilities. Organizations that have not implemented the latest patch are advised to do so immediately and monitor vendor advisories for further patch releases and information.What FortiGuard Coverage is available?FortiGuard recommends users to apply the patch and follow any mitigation steps provided by the vendor if not done already.The FortiGuard Incident Response team can be engaged to help with any suspected compromise.The FortiGuard Endpoint Vulnerability Service is available to detect vulnerable systems related to “Mitel MiCollab CVE-2024-35286 Access Control Bypass Vulnerability” FortiClient Vulnerability | FortiGuard LabsFortiGuard IPS protection is being reviewed to block any attack attempts related to CVE-2024–35286 & CVE-2024–41713.
