Debian Linux Security Advisory 5066-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result in XML roundtrip attacks, the execution of arbitrary code, information disclosure, StartTLS stripping in IMAP or denial of service.
06fe6a239e4a0b70fe9ff726baf6486b9f36b1ff6318001480327005363f19d9
Debian Linux Security Advisory 5067-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language and the Rubygems included, which may result in information disclosure or denial of service.
0484f18bed972d71f7df53edb8f4ef294019db03c31c92c45a5da5d8c6a8bcb6
Debian Linux Security Advisory 5068-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
83e824ad1d34e69303e2416d84b6ac09d82cd6ee5295728b9da45a9afc1d7955
Debian Linux Security Advisory 5069-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.
1e379d99e51e240d11a38bb3c97e078979a6a30fadbcc6e5288eaf04dd9572af
Debian Linux Security Advisory 5070-1 - CVE-2021-4122
7339a6a083baba45995620f30ca40190fa139930b7c05330150961e3e77cff15
Debian Linux Security Advisory 5071-1 - Several vulnerabilities were discovered in Samba, a SMB/CIFS file, print, and login server for Unix.
c65ef5714b1203bc675e8b5399a8cb9046a4536959aeacea4b226f71b4957cce
Debian Linux Security Advisory 5072-1 - Marcel Neumann, Robert Altschaffel, Loris Guba and Dustin Hermann discovered that debian-edu-config, a set of configuration files used for the Debian Edu blend, configured insecure permissions for the user web shares (~/public_html), which could result in privilege escalation.
5aa61912346393ec6e1bb0438a11ab639ce2ce1c44fde0f5c401cc429a2db952
Debian Linux Security Advisory 5073-1 - Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.
2a5928c2c95034b476596185df810d0f37c78feccaaac4aebbc933ac64290cb4
Debian Linux Security Advisory 5074-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.
6b3407661d40a30199696dab9bda0cff90fdb0550c90f49d70d35f995637d300
Debian Linux Security Advisory 5075-1 - Several vulnerabilities have been discovered in Minetest, a sandbox video game and game creation system. These issues may allow attackers to manipulate game mods and grant them an unfair advantage over other players. These flaws could also be abused for a denial of service attack against a Minetest server. In addition, if user input is passed directly to minetest.deserialize without serializing it first, a malicious user could run Lua code in the server environment.
8cdd9fdeb60db676b6890c8676fa29f99f832d9ba45c362267f9a26440d4d9dc
Debian Linux Security Advisory 5076-1 - Security researchers of JFrog Security and Ismail Aydemir discovered two remote code execution vulnerabilities in the H2 Java SQL database engine which can be exploited through various attack vectors, most notably through the H2 Console and by loading custom classes from remote servers through JNDI. The H2 console is a developer tool and not required by any reverse-dependency in Debian. It has been disabled in (old)stable releases. Database developers are advised to use at least version 2.1.210-1, currently available in Debian unstable.
602fbf289f0a4645af55ca95b395d714f480f6c820bc52e484aa494076a698fc
Debian Linux Security Advisory 5077-1 - Multiple security issues were discovered in LibreCAD, an application for computer aided design (CAD), which could result in denial of service or the execution of arbitrary code if a malformed CAD file is opened.
afc775f5db0c47cdcf5886354da7a08cf0a82bcf11ad1a79e57ab58d53121383
Debian Linux Security Advisory 5078-1 - It was discovered that zsh, a powerful shell and scripting language, did not prevent recursive prompt expansion. This would allow an attacker to execute arbitrary commands in a user's shell, for instance by tricking a vcs_info user into checking out a git branch with a specially crafted name.
602ee7c93d7aaf91206a9ab27b951e0acda36e1dc3ea481d1b2e907673a0bba8
Debian Linux Security Advisory 5079-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
208b881562d41ad7ea06c546595de543110cc6c9bed23b923cf1574561b46ec0
Debian Linux Security Advisory 5080-1 - Multiple vulnerabilities were discovered in snapd, a daemon and tooling that enable Snap packages, which could result in bypass of access restrictions or privilege escalation.
7aa8df4f541b162dac303b93aaa55309b14be4e5e525a23d7c6f864f2333f2d1
Debian Linux Security Advisory 5081-1 - Reginaldo Silva discovered a (Debian-specific) Lua sandbox escape in Redis, a persistent key-value database.
24bea18a7ed5c46714df1e7fdd4207accfb76d034120ddde8eb85452b1cc49e8
Debian Linux Security Advisory 5082-1 - Two security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in information disclosure or denial of service.
0d3f1a5fe1e49457b4ad5606bb3a59b6b219551a7056119efecb97680d9f7506
Debian Linux Security Advisory 5083-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine.
5fceef4c8cd38a848ec306ff10e8b3165efd374cb22554eaa075d16353c3fc67
Debian Linux Security Advisory 5084-1 - The following vulnerabilities have been discovered in the WPE WebKit web engine.
a15e8e3bbcf0339e99ef32ba2a6eb4b639b2b461d100788facd2371884643c33
Debian Linux Security Advisory 5085-1 - Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.
0a1c5c3e3f1598ea66cbd52fa5a77ab866124388437e58a6c8661edb8f48157e
Debian Linux Security Advisory 5086-1 - An out-of-bounds write was discovered in Thunderbird, which could be triggered via a malformed email message.
571fa77f76dcf78551867c4f943fb1e287a30d7b51caa18a8430dcf810222e6c
Debian Linux Security Advisory 5087-1 - It was discovered that the SQL plugin in cyrus-sasl2, a library implementing the Simple Authentication and Security Layer, is prone to a SQL injection attack. An authenticated remote attacker can take advantage of this flaw to execute arbitrary SQL commands and for privilege escalation.
410b3b79060f1fcbba45f2a81cc0b6deac35652c246b8334e6570b6df4c9e79b
A vulnerability exists within win32k that can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. The flaw exists in how the WndExtra field of a window can be manipulated into being treated as an offset despite being populated by an attacker-controlled value. This can be leveraged to achieve an out-of-bounds write operation, eventually leading to privilege escalation. This flaw was originally identified as CVE-2021-1732 and was patched by Microsoft on February 9th, 2021. In early 2022, a technique to bypass the patch was identified and assigned CVE-2022-21882. The root cause is the same for both vulnerabilities. This exploit combines the patch bypass with the original exploit to function on a wider range of Windows 10 targets.
9902434a58e36c7838c71ee860592d8624368fc1b380cf4c9ccf530f09895fd2
This Metasploit module exploits the "Apps" feature in Axis IP cameras. The feature allows third party developers to upload and execute eap applications on the device. The system does not validate that the application comes from a trusted source, so a malicious attacker can upload and execute arbitrary code. The issue has no CVE, although the technique was made public in 2018. This module uploads and executes stageless meterpreter as root. Uploading the application requires valid credentials. The default administrator credentials used to be root:root but newer firmware versions force users to provide a new password for the root user. The module was tested on an Axis M3044-V using the latest firmware (9.80.3.8: December 2021). All modules that support the "Apps" feature are presumed to be vulnerable.
3b946c3c32ffbe1237309479a6f3fbc02ff1259e17c42ed2ee33315e97a2b97e
This Metasploit module exploits an unauthenticated command injection in a variety of Hikvision IP cameras (CVE-2021-36260). The module inserts a command into an XML payload used with an HTTP PUT request sent to the /SDK/webLanguage endpoint, resulting in command execution as the root user. This module specifically attempts to exploit the blind variant of the attack. The module was successfully tested against an HWI-B120-D/W using firmware V5.5.101 build 200408. It was also tested against an unaffected DS-2CD2142FWD-I using firmware V5.5.0 build 170725. Please see the Hikvision advisory for a full list of affected products.
7bd3dd72f17285cba701691f5d8795c84e79f211db3e6ea8a840141f658935a5