Debian Security Advisory 5360-1

Debian Linux Security Advisory 5360-1 - Xi Lu discovered that missing input sanitising in Emacs (in etags, the Ruby mode and htmlfontify) could result in the execution of arbitrary shell commands.

Debian Security Advisory 5359-1

Debian Linux Security Advisory 5359-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Ubuntu Security Notice USN-5884-1

Ubuntu Security Notice 5884-1 - Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Debian Security Advisory 5358-1

Debian Linux Security Advisory 5358-1 - Multiple security vulnerabilities have been discovered in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for launching a denial of service attack or the execution of arbitrary code.

Ubuntu Security Notice USN-5882-1

Ubuntu Security Notice 5882-1 - Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. Omar Ganiev discovered that DCMTK incorrectly handled buffers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Debian Security Advisory 5357-1

Debian Linux Security Advisory 5357-1 - yvvdwf found a data exfiltration vulnerability while performing local clone from malicious repository even using a non-local transport. Joern Schneeweisz found a path traversal vulnerability in git-apply that a path outside the working tree can be overwritten as the acting user.

Red Hat Security Advisory 2023-0903-01

Red Hat Security Advisory 2023-0903-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-0902-01

Red Hat Security Advisory 2023-0902-01 - WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Issues addressed include a code execution vulnerability.

Ubuntu Security Notice USN-5883-1

Ubuntu Security Notice 5883-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-0778-01

Red Hat Security Advisory 2023-0778-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.56.

Red Hat Security Advisory 2023-0777-01

Red Hat Security Advisory 2023-0777-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.56. Issues addressed include bypass, code execution, cross site request forgery, cross site scripting, denial of service, deserialization, and improper authorization vulnerabilities.

Ubuntu Security Notice USN-5739-2

Ubuntu Security Notice 5739-2 - USN-5739-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. MariaDB has been updated to 10.3.38 in Ubuntu 20.04 LTS and to 10.6.12 in Ubuntu 22.04 LTS and Ubuntu 22.10.

Defense in depth -- the Microsoft way (part 82): INVALID/BOGUS AppLocker rules disable SAFER on Windows 11 22H2

Posted by Stefan Kanthak on Feb 22

Hi @ll,

in Windows 11 22H2. some imbeciles from Redmond added the following
(of course WRONG and INVALID) registry entries and keys which they
dare to ship to their billion world-wide users:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Srp\Gp]
"RuleCount"=dword:00000002
"LastWriteTime"=hex(b):01,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Srp\Gp\DLL]

JFTR: the time stamp is 100ns past...

Multiple vulnerabilities in Audiocodes Device Manager Express

Posted by Eric Flokstra on Feb 22

# Product Name: Device Manager Express
# Vendor Homepage: https://www.audiocodes.com
# Software Link:
https://www.audiocodes.com/solutions-products/products/management-products-solutions/device-manager
# Version: <= 7.8.20002.47752
# Tested on: Windows 10 / Server 2019
# Default credentials: admin/admin
# CVE-2022-24627, CVE-2022-24628, CVE-2022-24629, CVE-2022-24630,
CVE-2022-24631, CVE-2022-24632
# Exploit:...

Sumo Logic keep api credentials on endpoints

Posted by dammitjosie--- via Fulldisclosure on Feb 22

security bug:

go sumologic.com (big company, many customer)

make free account

log in account, make access key - help.sumologic.com/docs/manage/security/access-keys/
<http://help.sumologic.com/docs/manage/security/access-keys/>

download collector for windows -
help.sumologic.com/docs/send-data/installed-collectors/collector-installation-reference/download-collector-from-static-url/

<...

Ubuntu Security Notice USN-5807-2

Ubuntu Security Notice 5807-2 - USN-5807-1 fixed vulnerabilities in libXpm. This update provides the corresponding updates for Ubuntu 16.04 ESM. Martin Ettl discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service.

Red Hat Security Advisory 2023-0854-01

Red Hat Security Advisory 2023-0854-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0838-01

Red Hat Security Advisory 2023-0838-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information.

Red Hat Security Advisory 2023-0839-01

Red Hat Security Advisory 2023-0839-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0856-01

Red Hat Security Advisory 2023-0856-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0848-01

Red Hat Security Advisory 2023-0848-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Issues addressed include buffer overflow and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0842-01

Red Hat Security Advisory 2023-0842-01 - The GNU tar program can save multiple files in an archive and restore files from an archive. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2023-0835-01

Red Hat Security Advisory 2023-0835-01 - The python-setuptools package provides a collection of enhancements to Python distribution utilities allowing convenient building and distribution of Python packages. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0859-01

Red Hat Security Advisory 2023-0859-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0855-01

Red Hat Security Advisory 2023-0855-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a file download vulnerability.

Red Hat Security Advisory 2023-0857-01

Red Hat Security Advisory 2023-0857-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a file download vulnerability.

Red Hat Security Advisory 2023-0837-01

Red Hat Security Advisory 2023-0837-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2023-0852-01

Red Hat Security Advisory 2023-0852-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include HTTP response splitting and out of bounds read vulnerabilities.

Red Hat Security Advisory 2023-0858-01

Red Hat Security Advisory 2023-0858-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0770-01

Red Hat Security Advisory 2023-0770-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Red Hat Security Advisory 2023-0772-01

Red Hat Security Advisory 2023-0772-01 - Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments. This advisory contains the RPM packages for Red Hat build of MicroShift 4.12.4.

Red Hat Security Advisory 2023-0769-01

Red Hat Security Advisory 2023-0769-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

Red Hat Security Advisory 2023-0832-01

Red Hat Security Advisory 2023-0832-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, null pointer, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-0817-01

Red Hat Security Advisory 2023-0817-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Issues addressed include a use-after-free vulnerability.

Debian Security Advisory 5356-1

Debian Linux Security Advisory 5356-1 - Multiple security issues were discovered in Sox, the Swiss Army knife of sound processing programs, which could result in denial of service or potentially the execution of arbitrary code if a malformed audio file is processed.

Red Hat Security Advisory 2023-0819-01

Red Hat Security Advisory 2023-0819-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0823-01

Red Hat Security Advisory 2023-0823-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0821-01

Red Hat Security Advisory 2023-0821-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0814-01

Red Hat Security Advisory 2023-0814-01 - The Cryostat 2 on RHEL 8 container images have been updated to fix "CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key" and to address the following security advisory: RHSA-2023:0625 Users of Cryostat 2 on RHEL 8 container images are advised to upgrade to these updated images, which contain backported patches to correct these security issues, fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images. Issues addressed include bypass, code execution, and integer overflow vulnerabilities.

Red Hat Security Advisory 2023-0824-01

Red Hat Security Advisory 2023-0824-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.8.0. Issues addressed include a use-after-free vulnerability.

Debian Security Advisory 5355-1

Debian Linux Security Advisory 5355-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

Ubuntu Security Notice USN-5880-1

Ubuntu Security Notice 5880-1 - Christian Holler discovered that Firefox did not properly manage memory when using PKCS 12 Safe Bag attributes. An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes. Johan Carlsson discovered that Firefox did not properly manage child iframe's unredacted URI when using Content-Security-Policy-Report-Only header. An attacker could potentially exploits this to obtain sensitive information.

Debian Security Advisory 5354-1

Debian Linux Security Advisory 5354-1 - Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or bypass filtering technology on an affected device and ex-filtrate data from a compromised host.

Debian Security Advisory 5353-1

Debian Linux Security Advisory 5353-1 - Christian Holler discovered that incorrect handling of PKCS 12 Safe Bag attributes in nss, the Mozilla Network Security Service library, may result in execution of arbitrary code if a specially crafted PKCS 12 certificate bundle is processed.

Red Hat Security Advisory 2023-0809-01

Red Hat Security Advisory 2023-0809-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0805-01

Red Hat Security Advisory 2023-0805-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0808-01

Red Hat Security Advisory 2023-0808-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0810-01

Red Hat Security Advisory 2023-0810-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0807-01

Red Hat Security Advisory 2023-0807-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0811-01

Red Hat Security Advisory 2023-0811-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0806-01

Red Hat Security Advisory 2023-0806-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-0812-01

Red Hat Security Advisory 2023-0812-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.8.0 ESR. Issues addressed include a use-after-free vulnerability.

Microsoft Windows Contact File Remote Code Execution

This advisory ties together older research on a contact file handling flaw on Microsoft Windows as well as recent research discovered that uses the same methodologies.

[webapps] pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)

pfBlockerNG 2.1.4_26 - Remote Code Execution (RCE)

Debian Security Advisory 5352-1

Debian Linux Security Advisory 5352-1 - An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Red Hat Security Advisory 2023-0803-01

Red Hat Security Advisory 2023-0803-01 - An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important.

Red Hat Security Advisory 2023-0804-01

Red Hat Security Advisory 2023-0804-01 - An update is now available for Red Hat OpenShift GitOps 1.5. Red Hat Product Security has rated this update as having a security impact of Important.

Red Hat Security Advisory 2023-0802-01

Red Hat Security Advisory 2023-0802-01 - An update is now available for Red Hat OpenShift GitOps 1.6. Red Hat Product Security has rated this update as having a security impact of Important.

Red Hat Security Advisory 2023-0728-01

Red Hat Security Advisory 2023-0728-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.3.

Debian Security Advisory 5351-1

Debian Linux Security Advisory 5351-1 - An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.