FreshRSS

Before yesterday: Vulnerabilities

Red Hat Security Advisory 2023-4982-01

Red Hat Security Advisory 2023-4982-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.6 images.
  • September 6th 2023 at 16:39

Red Hat Security Advisory 2023-4980-01

Red Hat Security Advisory 2023-4980-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.7 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a bypass vulnerability.
  • September 6th 2023 at 16:36

Red Hat Security Advisory 2023-4983-01

Red Hat Security Advisory 2023-4983-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Issues addressed include bypass, denial of service, deserialization, and memory leak vulnerabilities.
  • September 6th 2023 at 16:33

Minor firefox DoS - semi silently polluting ~/Downloads with files

Posted by Georgi Guninski on Sep 05

This is barely a DoS, but since Chrome has explicit protection
against it, we decided to disclose it.

If a firefox user visits a specially crafted page, then firefox
may create many files in `~/Downloads`.
The user is notified about this in a small dialog, but there is
no option to stop the downloads.
The potential denial of service is that the user must manually
delete the created files and this might be PITA.

Technically about the PoC: create...
  • September 5th 2023 at 19:41

Debian Security Advisory 5489-1

Debian Linux Security Advisory 5489-1 - A buffer overflow was found in file, a file type classification tool, which may result in denial of service if a specially crafted file is processed.
  • September 5th 2023 at 15:04

Red Hat Security Advisory 2023-4972-01

Red Hat Security Advisory 2023-4972-01 - Multicluster Engine for Kubernetes 2.1.8 images. Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a bypass vulnerability.
  • September 5th 2023 at 14:59

Ubuntu Security Notice USN-6336-1

Ubuntu Security Notice 6336-1 - It was discovered that Docker Registry incorrectly handled certain crafted input. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that Docker Registry incorrectly handled certain crafted input. An attacker could possibly use this issue to cause a denial of service.
  • September 5th 2023 at 14:45

Red Hat Security Advisory 2023-4961-01

Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
  • September 5th 2023 at 14:45

Red Hat Security Advisory 2023-4971-01

Red Hat Security Advisory 2023-4971-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
  • September 5th 2023 at 14:42

Red Hat Security Advisory 2023-4967-01

Red Hat Security Advisory 2023-4967-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
  • September 5th 2023 at 14:40

Red Hat Security Advisory 2023-4955-01

Red Hat Security Advisory 2023-4955-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:35

Red Hat Security Advisory 2023-4962-01

Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
  • September 5th 2023 at 14:35

Red Hat Security Advisory 2023-4946-01

Red Hat Security Advisory 2023-4946-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:34

Red Hat Security Advisory 2023-4947-01

Red Hat Security Advisory 2023-4947-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:32

Ubuntu Security Notice USN-6337-1

Ubuntu Security Notice 6337-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
  • September 5th 2023 at 14:32

Red Hat Security Advisory 2023-4956-01

Red Hat Security Advisory 2023-4956-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:32

Red Hat Security Advisory 2023-4948-01

Red Hat Security Advisory 2023-4948-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:30

Red Hat Security Advisory 2023-4950-01

Red Hat Security Advisory 2023-4950-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
  • September 5th 2023 at 14:27

Red Hat Security Advisory 2023-4945-01

Red Hat Security Advisory 2023-4945-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:27

Red Hat Security Advisory 2023-4952-01

Red Hat Security Advisory 2023-4952-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
  • September 5th 2023 at 14:24

Red Hat Security Advisory 2023-4954-01

Red Hat Security Advisory 2023-4954-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:24

Red Hat Security Advisory 2023-4953-01

Red Hat Security Advisory 2023-4953-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0.
  • September 5th 2023 at 14:21

Red Hat Security Advisory 2023-4949-01

Red Hat Security Advisory 2023-4949-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
  • September 5th 2023 at 14:20

Red Hat Security Advisory 2023-4959-01

Red Hat Security Advisory 2023-4959-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
  • September 5th 2023 at 14:20

Red Hat Security Advisory 2023-4957-01

Red Hat Security Advisory 2023-4957-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
  • September 5th 2023 at 14:20

Red Hat Security Advisory 2023-4951-01

Red Hat Security Advisory 2023-4951-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
  • September 5th 2023 at 14:20

Red Hat Security Advisory 2023-4958-01

Red Hat Security Advisory 2023-4958-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.
  • September 5th 2023 at 14:19

[webapps] Academy LMS 6.1 - Arbitrary File Upload

Academy LMS 6.1 - Arbitrary File Upload
  • September 4th 2023 at 00:00

[local] Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow

Freefloat FTP Server 1.0 - 'PWD' Remote Buffer Overflow
  • September 4th 2023 at 00:00

[webapps] DLINK DPH-400SE - Exposure of Sensitive Information

DLINK DPH-400SE - Exposure of Sensitive Information
  • September 4th 2023 at 00:00

[webapps] Bus Reservation System 1.1 - Multiple-SQLi

Bus Reservation System 1.1 - Multiple-SQLi
  • September 4th 2023 at 00:00

[webapps] CSZ CMS 1.3.0 - Stored Cross-Site Scripting ('Photo URL' and 'YouTube URL' )

CSZ CMS 1.3.0 - Stored Cross-Site Scripting ('Photo URL' and 'YouTube URL' )
  • September 4th 2023 at 00:00

[local] Kingo ROOT 1.5.8 - Unquoted Service Path

Kingo ROOT 1.5.8 - Unquoted Service Path
  • September 4th 2023 at 00:00

[webapps] Hyip Rio 2.1 - Arbitrary File Upload

Hyip Rio 2.1 - Arbitrary File Upload
  • September 4th 2023 at 00:00

[webapps] Blood Donor Management System v1.0 - Stored XSS

Blood Donor Management System v1.0 - Stored XSS
  • September 4th 2023 at 00:00

[webapps] SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS

SPA-Cart eCommerce CMS 1.9.0.3 - Reflected XSS
  • September 4th 2023 at 00:00

[webapps] CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery')

CSZ CMS 1.3.0 - Stored Cross-Site Scripting (Plugin 'Gallery')
  • September 4th 2023 at 00:00

[webapps] FileMage Gateway 1.10.9 - Local File Inclusion

FileMage Gateway 1.10.9 - Local File Inclusion
  • September 4th 2023 at 00:00

[local] NVClient v5.0 - Stack Buffer Overflow (DoS)

NVClient v5.0 - Stack Buffer Overflow (DoS)
  • September 4th 2023 at 00:00

[webapps] WP Statistics Plugin 13.1.5 current_page_id - Time based SQL injection (Unauthenticated)

WP Statistics Plugin 13.1.5 current_page_id - Time based SQL injection (Unauthenticated)
  • September 4th 2023 at 00:00

[webapps] Credit Lite 1.5.4 - SQL Injection

Credit Lite 1.5.4 - SQL Injection
  • September 4th 2023 at 00:00

[webapps] AdminLTE PiHole 5.18 - Broken Access Control

AdminLTE PiHole 5.18 - Broken Access Control
  • September 4th 2023 at 00:00

[webapps] Member Login Script 3.3 - Client-side desync

Member Login Script 3.3 - Client-side desync
  • September 4th 2023 at 00:00

AtlasVPN Linux Client 1.0.3 IP Leak Exploit

Posted by icudar via Fulldisclosure on Sep 04

The following is my 0day. This code, when executed on any website, disconnects the AtlasVPN Linux client and leaks the
user's IP address. I am not yet aware of it being used in the wild. However, it shows that AtlasVPN does not take their
users' safety seriously, because their software security decisions suck so massively that it's hard to believe this is a
bug rather than a backdoor. Nobody can be this incompetent. I tried to contact their support...
  • September 5th 2023 at 03:13

Vulnerabilities in Internet Radio auna IR-160 SE (UIProto)

Posted by naphthalin via Fulldisclosure on Sep 04

The internet radio device auna IR-160 SE has multiple vulnerabilities.
It uses the firmware UIProto, different versions of which can also be
found in many other radios.

1. The firmware offers a rudimentary web API that can be reached on the
local network on port 80. This API is completely unauthenticated,
allowing anyone to control the radio over the local network. (already
known as CVE-2019-13474, but relevant for the other two findings)...
  • September 5th 2023 at 03:13

Ubuntu Security Notice USN-6335-1

Ubuntu Security Notice 6335-1 - It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause BusyBox to crash, resulting in a denial of service, or execute arbitrary code.
  • September 4th 2023 at 17:29

Red Hat Security Advisory 2023-4910-01

Red Hat Security Advisory 2023-4910-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, integer overflow, and out of bounds write vulnerabilities.
  • September 4th 2023 at 17:29

Red Hat Security Advisory 2023-4909-01

Red Hat Security Advisory 2023-4909-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.4 serves as a replacement for Red Hat JBoss Web Server 5.7.3. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References section. Issues addressed include denial of service, information leakage, and integer overflow vulnerabilities.
  • September 4th 2023 at 17:29

Ubuntu Security Notice USN-6334-1

Ubuntu Security Notice 6334-1 - Peter Wang discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. Andreas B. Mundt discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server to cause a crash. Johannes Krupp discovered that atftp did not properly manage certain inputs. A remote attacker could send a specially crafted tftp request to the server and make the server disclose /etc/group data.
  • September 4th 2023 at 17:29

Debian Security Advisory 5488-1

Debian Linux Security Advisory 5488-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
  • September 4th 2023 at 17:28

Ubuntu Security Notice USN-6333-1

Ubuntu Security Notice 6333-1 - Junsung Lee discovered that Thunderbird did not properly validate the text direction override unicode character in filenames. An attacker could potentially exploit this issue by spoofing file extension while attaching a file in emails. Max Vlasov discovered that Thunderbird Offscreen Canvas did not properly track cross-origin tainting. An attacker could potentially exploit this issue to access image data from another site in violation of same-origin policy.
  • September 4th 2023 at 17:28

Ubuntu Security Notice USN-6332-1

Ubuntu Security Notice 6332-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.
  • September 2nd 2023 at 13:17

Debian Security Advisory 5487-1

Debian Linux Security Advisory 5487-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code.
  • September 2nd 2023 at 13:17

Ubuntu Security Notice USN-6331-1

Ubuntu Security Notice 6331-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
  • September 2nd 2023 at 13:11

Ubuntu Security Notice USN-6330-1

Ubuntu Security Notice 6330-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
  • September 2nd 2023 at 13:08

Ubuntu Security Notice USN-6329-1

Ubuntu Security Notice 6329-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
  • September 2nd 2023 at 11:40

Ubuntu Security Notice USN-6326-1

Ubuntu Security Notice 6326-1 - It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker could possibly use this issue to execute arbitrary commands on the host.
  • September 2nd 2023 at 11:39

Ubuntu Security Notice USN-6327-1

Ubuntu Security Notice 6327-1 - Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear operations. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service.
  • September 2nd 2023 at 11:39

Ubuntu Security Notice USN-6328-1

Ubuntu Security Notice 6328-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
  • September 2nd 2023 at 11:39