Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
Category Archives: Advisories
DSA-5354 snort – security update
Multiple security vulnerabilities were discovered in snort, a flexible Network
Intrusion Detection System, which could allow an unauthenticated, remote
attacker to cause a denial of service (DoS) condition or bypass filtering
technology on an affected device and ex-filtrate data from a compromised host.
edk2-20221117gitfff6d81270b5-14.fc36
FEDORA-2023-e821b64a4c
Packages in this update:
edk2-20221117gitfff6d81270b5-14.fc36
Update description:
add sub-package with xen build (resolves: rhbz#2170730)
update openssl (CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304).
cherry-pick aarch64 bugfixes,
set firmware build release date,
add ext4 sub-package
GoAnywhere MFT RCE Vulnerability (CVE-2023-0669) Actively Exploited
FortiGuard Labs is aware of a report that a remote code execution (RCE) vulnerability in the GoAnywhere MFT (Managed File Transfer) tool (CVE-2023-0669) is being actively exploited in the wild. The Cl0p ransomware threat actor reportedly claimed to have leveraged the vulnerability to compromise vulnerable GoAnywhere MFT servers and steal data from over 130 organizations. FortiGuard Labs has an Outbreak Alert writeup page that contains additional information on CVE-2023-0669 which contains a comprehensive list of protections and can be found here.Why is this Significant?This is significant because a RCE vulnerability in the GoAnywhere MFT tool (CVE-2023-0669) is being actively exploited in the wild. The Cl0p ransomware group allegedly exploited the vulnerability and stole data from multiple organizations for financial extortion.On February 10, 2023, CISA (Cybersecurity and Infrastructure Security Agency) added CVE-2023-0669 to the Known Exploited Vulnerabilities catalog.A patch is available in version 7.1.2 and should be applied as soon as possible.What is GoAnywhere MFT?GoAnywhere MFT is a tool developed by Fortra that allows organizations to centralize, control and streamline internal and external file transfers.What is CVE-2023-0669?CVE-2023-0669 is a command injection vulnerability in GoAnywhere MFT and affects version 7.1.1 and prior. Successful exploitation of the vulnerability allows attackers to gain remote code execution on vulnerable GoAnywhere MFT.The vulnerability has a CVSS score of 7.2.Has the Vendor Released an Advisory for What is CVE-2023-0669?Fortra released the advisory in their customer portal. See the Appendix for a link to “Security Advisory” (note that login is required to access the advisory).Has the Vendor Released a Patch for CVE-2023-0669?Yes. Fortra released a patch in version 7.1.2 on February 13, 2023.Any Mitigation?Fortra provided mitigation methods in the advisory. For details, see the Appendix for a link to “Security Advisory” (note that a login is required to access the advisory).What is the Status of Protection?FortiGuard Labs released the following IPS signature in version 22.495for CVE-2023-0669:Fortra.GoAnywhere.MFT.LicenseResponseServlet.Command.Injection (default action is set to “pass” – please adjust to ‘block’ for active protection)
thunderbird-stable-3720230217131322.1
FEDORA-FLATPAK-2023-39d93f840d
Packages in this update:
thunderbird-stable-3720230217131322.1
Update description:
Thunderbird 102.8.0 release. For details, see https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/
CVE-2020-19824
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter.
thunderbird-102.8.0-1.fc37
FEDORA-2023-50429a3169
Packages in this update:
thunderbird-102.8.0-1.fc37
Update description:
Update to 102.8.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/ ;
https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/
thunderbird-102.8.0-1.fc36
FEDORA-2023-766cc7ab0f
Packages in this update:
thunderbird-102.8.0-1.fc36
Update description:
Update to 102.8.0 ;
https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/ ;
https://www.thunderbird.net/en-US/thunderbird/102.8.0/releasenotes/
Update to 102.7.2 ;
https://www.thunderbird.net/en-US/thunderbird/102.7.2/releasenotes/
CVE-2020-29168
SQL Injection vulnerability in Projectworlds Online Doctor Appointment Booking System, allows attackers to gain sensitive information via the q parameter to the getuser.php endpoint.
A Vulnerability in Clam AntiVirus Could Allow for Remote Code Execution
A vulnerability has been discovered in Clam AntiVirus, which could allow for remote code execution. Clam AntiVirus is an open-source, cross-platform antimalware toolkit able to detect many types of malware. Successful exploitation of this vulnerability could allow an attacker to execute remote code as the Clam AntiVirus platform. Depending on the privileges associated with the application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Applications that are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.