Debian Security Advisory 5467-1

Debian Linux Security Advisory 5467-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Debian Security Advisory 5466-1

Debian Linux Security Advisory 5466-1 - It was discovered that ntpd in ntpsec, a secure, hardened, and improved implementation derived from the original NTP project, could crash if NTS is disabled and an NTS-enabled client request (mode 3) is received.

Ubuntu Security Notice USN-6274-1

Ubuntu Security Notice 6274-1 - Jurien de Jong discovered that XMLTooling did not properly handle certain KeyInfo element content within an XML signature. An attacker could possibly use this issue to achieve server-side request forgery.

Debian Security Advisory 5464-1

Debian Linux Security Advisory 5464-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, bypass of the same-origin policy, spoofing or sandbox bypass.

Red Hat Security Advisory 2023-4475-01

Red Hat Security Advisory 2023-4475-01 - Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include bug fixes and container upgrades.

Ubuntu Security Notice USN-6273-1

Ubuntu Security Notice 6273-1 - Jieyong Ma discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that poppler incorrectly handled certain malformed PDF files. A remote attacker could possibly use this issue to cause poppler to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04.

Debian Security Advisory 5465-1

Debian Linux Security Advisory 5465-1 - Seokchan Yoon discovered that missing sanitising in the email and URL validators of Django, a Python web development framework, could result in denial of service.

Red Hat Security Advisory 2023-4471-01

Red Hat Security Advisory 2023-4471-01 - Red Hat OpenShift Serverless Client kn 1.29.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.29.1. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements.

Ubuntu Security Notice USN-5064-3

Ubuntu Security Notice 5064-3 - USN-5064-1 fixed a vulnerability in GNU. This update provides the corresponding update for Ubuntu 14.04 LTS. Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2023-4472-01

Red Hat Security Advisory 2023-4472-01 - Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13. This release includes security and bug fixes, and enhancements.

Ubuntu Security Notice USN-6275-1

Ubuntu Security Notice 6275-1 - Addison Crump discovered that Cargo incorrectly set file permissions on UNIX-like systems when extracting crate archives. If the crate would contain files writable by any user, a local attacker could possibly use this issue to execute code as another user.

Red Hat Security Advisory 2023-4461-01

Red Hat Security Advisory 2023-4461-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

Ubuntu Security Notice USN-6272-1

Ubuntu Security Notice 6272-1 - Motoyasu Saburi discovered that OpenJDK 20 incorrectly handled special characters in file name parameters. An attacker could possibly use this issue to insert, edit or obtain sensitive information. Eirik Bjørsnøs discovered that OpenJDK 20 incorrectly handled certain ZIP archives. An attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2023-4469-01

Red Hat Security Advisory 2023-4469-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

Red Hat Security Advisory 2023-4460-01

Red Hat Security Advisory 2023-4460-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

Red Hat Security Advisory 2023-4468-01

Red Hat Security Advisory 2023-4468-01 - An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. Issues addressed include buffer overflow and bypass vulnerabilities.

Red Hat Security Advisory 2023-4470-01

Red Hat Security Advisory 2023-4470-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4465-01

Red Hat Security Advisory 2023-4465-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

Red Hat Security Advisory 2023-4466-01

Red Hat Security Advisory 2023-4466-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include code execution and denial of service vulnerabilities.

Red Hat Security Advisory 2023-4464-01

Red Hat Security Advisory 2023-4464-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

Red Hat Security Advisory 2023-4462-01

Red Hat Security Advisory 2023-4462-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

Red Hat Security Advisory 2023-4463-01

Red Hat Security Advisory 2023-4463-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Issues addressed include buffer overflow and bypass vulnerabilities.

Ubuntu Security Notice USN-6271-1

Ubuntu Security Notice 6271-1 - Xiang Li discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. Huascar Tejeda discovered that MaraDNS incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2023-4449-01

Red Hat Security Advisory 2023-4449-01 - .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.120 and .NET Runtime 6.0.20. Issues addressed include code execution, denial of service, and heap corruption vulnerabilities.

Ubuntu Security Notice USN-6270-1

Ubuntu Security Notice 6270-1 - It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening a specially crafted file, it could cause Vim to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Vim incorrectly handled memory when deleting buffers in diff mode. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

OX App Suite SSRF / SQL Injection / Cross Site Scripting

OX App Suite suffers from remote SQL injection, server-side request forgery, cross site scripting, improper neutralization, command injection, and exposure of sensitive information vulnerabilities.

Kolibri GET request buffer Overflow [Stack Egghunter]

Posted by Mahmoud Noureldin on Aug 03

#!/usr/bin/python3
# Exploit Title: Kolibri GET request buffer Overflow [Stack Egghunter]
# Date: 2 Augst 2023
# Exploit Author: Mahmoud NourEldin @Engacker
# Vendor App:
https://www.exploit-db.com/apps/4d4e15b98e105facf94e4fd6a1f9eb78-Kolibri-2.0-win.zip
# Version: Kolibri 2.0
# Tested on: Windows 10
# Description:
# For the first time making the egghunter jumping to the begging of the
stack

import socket, time, sys, os

if len(sys.argv) != 3:...

[SYSS-2023-011]: Canon PIXMA TR4550 and other inkjet printer models - Insufficient or Incomplete Data Removal, within Hardware Component (CWE-1301)

Posted by Matthias Deeg via Fulldisclosure on Aug 03

Advisory ID: SYSS-2023-011
Product: PIXMA TR4550
Manufacturer: Canon
Affected Version(s): 1.020 / 1.080
also affects many other Canon inkjet printer
models[4]
Tested Version(s): 1.020 / 1.080
Vulnerability Type: Insufficient or Incomplete Data Removal
within Hardware Component (CWE-1301)...

[webapps] JLex GuestBook 1.6.4 - Reflected XSS

JLex GuestBook 1.6.4 - Reflected XSS

[webapps] Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting

Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting

[webapps] Webedition CMS v2.9.8.8 - Stored XSS

Webedition CMS v2.9.8.8 - Stored XSS

[webapps] Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access

Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Event Access

[webapps] WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS

WordPress Plugin Ninja Forms 3.6.25 - Reflected XSS

[dos] Xlight FTP Server 3.9.3.6 - 'Stack Buffer Overflow' (DOS)

Xlight FTP Server 3.9.3.6 - 'Stack Buffer Overflow' (DOS)

[webapps] Webedition CMS v2.9.8.8 - Remote Code Execution (RCE)

Webedition CMS v2.9.8.8 - Remote Code Execution (RCE)

[webapps] WordPress adivaha Travel Plugin 2.3 - SQL Injection

WordPress adivaha Travel Plugin 2.3 - SQL Injection

[webapps] PHPJabbers Night Club Booking 1.0 - Reflected XSS

PHPJabbers Night Club Booking 1.0 - Reflected XSS

[webapps] Joomla JLex Review 6.0.1 - Reflected XSS

Joomla JLex Review 6.0.1 - Reflected XSS

[webapps] PHPJabbers Taxi Booking 2.0 - Reflected XSS

PHPJabbers Taxi Booking 2.0 - Reflected XSS

[webapps] PHPJabbers Service Booking Script 1.0 - Reflected XSS

PHPJabbers Service Booking Script 1.0 - Reflected XSS

[webapps] Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR

Wordpress Plugin EventON Calendar 4.4 - Unauthenticated Post Access via IDOR

[webapps] Campcodes Online Matrimonial Website System v3.3 - Code Execution via malicious SVG file upload

Campcodes Online Matrimonial Website System v3.3 - Code Execution via malicious SVG file upload

[webapps] PHPJabbers Rental Property Booking 2.0 - Reflected XSS

PHPJabbers Rental Property Booking 2.0 - Reflected XSS

[webapps] PHPJabbers Shuttle Booking Software 1.0 - Reflected XSS

PHPJabbers Shuttle Booking Software 1.0 - Reflected XSS

[remote] ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)

ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)

[webapps] Academy LMS 6.0 - Reflected XSS

Academy LMS 6.0 - Reflected XSS

[webapps] Webutler v3.2 - Remote Code Execution (RCE)

Webutler v3.2 - Remote Code Execution (RCE)

[webapps] Ozeki SMS Gateway 10.3.208 - Arbitrary File Read (Unauthenticated)

Ozeki SMS Gateway 10.3.208 - Arbitrary File Read (Unauthenticated)

[webapps] PHPJabbers Cleaning Business 1.0 - Reflected XSS

PHPJabbers Cleaning Business 1.0 - Reflected XSS

[webapps] WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution

WordPress Plugin Forminator 1.24.6 - Unauthenticated Remote Command Execution

[webapps] WordPress adivaha Travel Plugin 2.3 - Reflected XSS

WordPress adivaha Travel Plugin 2.3 - Reflected XSS

[remote] Shelly PRO 4PM v0.11.0 - Authentication Bypass

Shelly PRO 4PM v0.11.0 - Authentication Bypass

OXAS-ADV-2023-0003: OX App Suite Security Advisory

Posted by Martin Heiland via Fulldisclosure on Aug 02

Dear subscribers,

We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those
vulnerabilities. Feel free to join our bug bounty programs for OX AppSuite, Dovecot and PowerDNS at YesWeHack.

This advisory has also been published at https://documentation.open-xchange.com/security/advisories/.

Yours sincerely,
Martin Heiland, Open-Xchange GmbH

Internal reference: OXUIB-2282
Type:...

RansomLord v1 / Anti-Ransomware Exploit Tool

Posted by malvuln on Aug 02

RansomLord is a proof-of-concept tool that automates the creation of PE
files, used to compromise Ransomware pre-encryption.

Lang: C

SHA256: b0dfa2377d7100949de276660118bbf21fa4e56a4a196db15f5fb344a5da33ee

Video PoC:
https://www.youtube.com/watch?v=_Ho0bpeJWqI

Download: https://github.com/malvuln/RansomLord

RansomLord generated PE files are saved to disk in the x32 or x64
directorys where the program is run from.

Goal is to exploit code...

Savant Web Server 3.1 - Remote Buffer Overflow (Egghunter)

Posted by Mahmoud Noureldin on Aug 02

This is an old app but in an easy way which not the same which in public.

Exploit Title: Savant Web Server 3.1 - Remote Buffer Overflow (Egghunter)

# Date: [30/07/2023]
# Exploit Author: [0xBOF90]
# Vendor Homepage: [link]
# Version: [app version] (3.1)
# Tested on: [Windows 10]

import socket
import sys

try:
server = b"192.168.56.102"
#\x00\x0a\x0d\x25
port = 80
size = 253
# msfvenom -p windows/shell_reverse_tcp...

Ubuntu Security Notice USN-6267-1

Ubuntu Security Notice 6267-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Max Vlasov discovered that Firefox Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.

Red Hat Security Advisory 2023-4432-01

Red Hat Security Advisory 2023-4432-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.

Red Hat Security Advisory 2023-4431-01

Red Hat Security Advisory 2023-4431-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.

Red Hat Security Advisory 2023-4341-01

Red Hat Security Advisory 2023-4341-01 - Red Hat OpenShift bug fix and security update. Red Hat Product Security has rated this update as having a security impact of Low. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-4429-01

Red Hat Security Advisory 2023-4429-01 - The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.