Posted by Apple Product Security via Fulldisclosure on Mar 27

APPLE-SA-03-25-2024-6 visionOS 1.1.1

visionOS 1.1.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214093.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

CoreMedia
Available for: Apple Vision Pro
Impact: Processing an image may lead to arbitrary code execution
Description: An…

Read More

Posted by Skyler Ferrante (RIT Student) via Fulldisclosure on Mar 27

Wall-Escape (CVE-2024-28085)

Skyler Ferrante: Escape sequence injection in util-linux wall

=================================================================
Summary
=================================================================

The util-linux wall command does not filter escape sequences from
command line arguments. The vulnerable code was introduced in
commit cdd3cc7fa4 (2013). Every version since has been
vulnerable.

This allows…

Read More

Posted by malvuln on Mar 27

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/3b9e9e130d52fe95c8be82aa4b8feb74.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln

Threat: Win32.STOP.Ransomware (smokeloader)
Vulnerability: Remote Code Execution (MITM)
Family: Stop
Type: PE32
MD5 3b9e9e130d52fe95c8be82aa4b8feb74
Vuln ID: MVID-2024-0676
Disclosure: 03/22/2024
Description:
There are two roads to…

Read More

Posted by Dariusz G on Mar 27

Circontrol EV Charger vulnerabilities.

1. CVE-2020-8006 Pre-Auth Stack Based Buffer Overflow
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10)

The server in Circontrol Raption through 5.11.2 has a pre-authentication
stack-based buffer overflow that can be exploited to gain run-time control
of the device as root.

When the server parses the HTTP headers and finds the Basic-Authentication
tag it will call a base64 decode function. This function…

Read More

Posted by Artur Janicki via Fulldisclosure on Mar 27

[APOLOGIES FOR CROSS-POSTING]

CALL FOR PAPERS
13th International Workshop on Cyber Crime (IWCC 2024 –
https://www.ares-conference.eu/iwcc/)
to be held in conjunction with the 19th International Conference on
Availability, Reliability and Security (ARES 2024 –
http://www.ares-conference.eu)

July 30 – August 02, 2024, Vienna, Austria

IMPORTANT DATES
Submission Deadline May 12, 2024
Author Notification May 29, 2024
Proceedings Version…

Read More

Skyler Ferrante discovered that the util-linux wall command did not filter
escape sequences from command line arguments. A local attacker could
possibly use this issue to obtain sensitive information.

Read More

USN-6718-1 fixed a vulnerability in curl. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

It was discovered that curl incorrectly handled memory when limiting the
amount of headers when HTTP/2 server push is allowed. A remote attacker
could possibly use this issue to cause curl to consume resources, leading
to a denial of service. (CVE-2024-2398)

Read More

FEDORA-EPEL-2024-e2cad98fb0

Packages in this update:

tinyxml-2.6.2-28.el9

Update description:

Security fixes for CVE-2021-42260, CVE-2023-34194 and its duplicate CVE-2023-40462.
Fix incorrect text element encoding (upstream isssue #51).
Enable tests.

Read More

FEDORA-EPEL-2024-0ced8d6066

Packages in this update:

tinyxml-2.6.2-28.el8

Update description:

Security fixes for CVE-2021-42260, CVE-2023-34194 and its duplicate CVE-2023-40462.
Fix incorrect text element encoding (upstream isssue #51).
Enable tests.

Read More

FEDORA-2024-c266dab9e9

Packages in this update:

unbound-1.19.1-4.fc40

Update description:

CVE-2024-1931 – Fix trim of EDE text from large udp responses from spinning cpu.

Read More