Category Archives: Advisories

Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables

Posted by Austin DeFrancesco via Fulldisclosure on Feb 13

Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004)
Variables
=================================================================================================================================

Contents:
---------

Summary

Analysis

Exploitation

Acknowledgments

Timeline

Additional Advisory

Summary:
--------

Austin A. DeFrancesco (DEFCESCO) discovered two stack-based…

Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749)

Posted by Austin DeFrancesco via Fulldisclosure on Feb 13

Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749)
===========================================================================================

Contents:
---------

Summary

Analysis

Exploitation

Acknowledgments

Timeline

Additional Advisory

Summary:
--------

Austin A. DeFrancesco (DEFCESCO) discovered a command injection vulnerability in KiTTY
(https://github.com/cyd01/KiTTY/). This vulnerability:…

Microsoft Windows Defender / Trojan.Win32/Powessere.G / Detection Mitigation Bypass Part 2.

Posted by hyp3rlinx on Feb 13

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
https://hyp3rlinx.altervista.org/advisories/MICROSOFT_WINDOWS_DEFENDER_TROJAN.WIN32.POWESSERE.G_MITIGATION_BYPASS_PART2.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.microsoft.com

[Product]
Windows Defender

[Vulnerability Type]
Windows Defender Detection Mitigation Bypass
TrojanWin32Powessere.G

[CVE Reference]
N/A

[Security Issue]…

Wyrestorm Apollo VX20 / Incorrect Access Control – Credentials Disclosure / CVE-2024-25735

Posted by hyp3rlinx on Feb 13

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/WYRESTORM_APOLLO_VX20_INCORRECT_ACCESS_CONTROL_CREDENTIALS_DISCLOSURE_CVE-2024-25735.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.wyrestorm.com

[Product]
APOLLO VX20 < 1.3.58

[Vulnerability Type]
Incorrect Access Control (Credentials Disclosure)

[Affected Component]
Web interface, config…

Wyrestorm Apollo VX20 / Account Enumeration / CVE-2024-25734

Posted by hyp3rlinx on Feb 13

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/WYRESTORM_APOLLO_VX20_ACCOUNT_ENUMERATION_CVE-2024-25734.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.wyrestorm.com

[Product]
APOLLO VX20 < 1.3.58

[Vulnerability Type]
Account Enumeration

[CVE Reference]
CVE-2024-25734

[Security Issue]
An issue was discovered on WyreStorm Apollo VX20…

Wyrestorm Apollo VX20 / Incorrect Access Control – DoS / CVE-2024-25736

Posted by hyp3rlinx on Feb 13

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/WYRESTORM_APOLLO_VX20_INCORRECT_ACCESS_CONTROL_DOS_CVE-2024-25736.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.wyrestorm.com

[Product]
APOLLO VX20 < 1.3.58

[Vulnerability Type]
Incorrect Access Control (DOS)

[Affected Product Code Base]
APOLLO VX20 < 1.3.58, fixed in v1.3.58

[Affected…

IBM i Access Client Solutions / Remote Credential Theft / CVE-2024-22318

Posted by hyp3rlinx on Feb 13

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/IBMI_ACCESS_CLIENT_REMOTE_CREDENTIAL_THEFT_CVE-2024-22318.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.ibm.com

[Product]
IBM i Access Client Solutions

[Versions]
All

[Remediation/Fixes]
None

[Vulnerability Type]
Remote Credential Theft

[CVE Reference]
CVE-2024-22318

[Security Issue]
IBM i…

USN-6629-1: UltraJSON vulnerabilities

It was discovered that UltraJSON incorrectly handled certain input with
a large amount of indentation. An attacker could possibly use this issue
to crash the program, resulting in a denial of service. (CVE-2021-45958)

Jake Miller discovered that UltraJSON incorrectly decoded certain
characters. An attacker could possibly use this issue to cause key
confusion and overwrite values in dictionaries. (CVE-2022-31116)

It was discovered that UltraJSON incorrectly handled an error when
reallocating a buffer for string decoding. An attacker could possibly
use this issue to corrupt memory. (CVE-2022-31117)

rust-ansitok-0.2.0-4.el9 rust-bat-0.24.0-2.el9 rust-cargo-c-0.9.27-4.el9 rust-eza-0.17.3-2.el9 rust-git-delta-0.16.5-9.el9 rust-git2-0.18.2-1.el9 rust-libgit2-sys-0.16.2-1.el9 rust-pore-0.1.10-3.el9 rust-shadow-rs-0.8.1-8.el9 rust-strip-ansi-escapes-0.2.0-2.el9 rust-vergen-5.1.17-8.el9 rust-vt100-0.15.2-2.el9 rust-vte-0.13.0-1.el9

FEDORA-EPEL-2024-2de74966ef

Packages in this update:

rust-ansitok-0.2.0-4.el9
rust-bat-0.24.0-2.el9
rust-cargo-c-0.9.27-4.el9
rust-eza-0.17.3-2.el9
rust-git2-0.18.2-1.el9
rust-git-delta-0.16.5-9.el9
rust-libgit2-sys-0.16.2-1.el9
rust-pore-0.1.10-3.el9
rust-shadow-rs-0.8.1-8.el9
rust-strip-ansi-escapes-0.2.0-2.el9
rust-vergen-5.1.17-8.el9
rust-vt100-0.15.2-2.el9
rust-vte-0.13.0-1.el9

Update description:

Update the git2 crate to version 0.18.2.
Update the libgit2-sys crate to version 0.16.2.

Version 0.16.2 of the libgit2-sys crate includes an update of the bundled copy of libgit2 to version 1.7.2 to address CVE-2024-24575 and CVE-2024-24577.

Since the libgit2 bindings cause applications that use them to statically link libgit2, this update also includes rebuilds of all affected applications.

rust-asyncgit-0.24.3-3.fc38 rust-bat-0.24.0-3.fc38 rust-cargo-c-0.9.28-4.fc38 rust-eza-0.17.3-2.fc38 rust-git-absorb-0.6.11-3.fc38 rust-git-delta-0.16.5-9.fc38 rust-git2-0.18.2-1.fc38 rust-gitui-0.24.3-4.fc38 rust-libgit2-sys-0.16.2-1.fc38 rust-lsd-1.0.0-3.fc38 rust-pore-0.1.10-3.fc38 rust-pretty-git-prompt-0.2.1-20.fc38 rust-shadow-rs-0.8.1-8.fc38 rust-silver-2.0.1-7.fc38 rust-tokei-12.1.2-8.fc38 rust-vergen-5.1.17-8.fc38

FEDORA-2024-993d3a78dd

Packages in this update:

rust-asyncgit-0.24.3-3.fc38
rust-bat-0.24.0-3.fc38
rust-cargo-c-0.9.28-4.fc38
rust-eza-0.17.3-2.fc38
rust-git2-0.18.2-1.fc38
rust-git-absorb-0.6.11-3.fc38
rust-git-delta-0.16.5-9.fc38
rust-gitui-0.24.3-4.fc38
rust-libgit2-sys-0.16.2-1.fc38
rust-lsd-1.0.0-3.fc38
rust-pore-0.1.10-3.fc38
rust-pretty-git-prompt-0.2.1-20.fc38
rust-shadow-rs-0.8.1-8.fc38
rust-silver-2.0.1-7.fc38
rust-tokei-12.1.2-8.fc38
rust-vergen-5.1.17-8.fc38

Update description:

Update the git2 crate to version 0.18.2.
Update the libgit2-sys crate to version 0.16.2.

Version 0.16.2 of the libgit2-sys crate includes an update of the bundled copy of libgit2 to version 1.7.2 to address CVE-2024-24575 and CVE-2024-24577.

Since the libgit2 bindings cause applications that use them to statically link libgit2, this update also includes rebuilds of all affected applications.
