Gentoo Linux Security Advisory 202312-3 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 102.12 are affected.
f8ac609d52968c33edb33a5473d56980c6903abb5b1b5579ef50801f710c46bfUbuntu Security Notice 6561-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.
8f52ef16febd3fcb63d268e25f07f329e2c9d13758975705c9d030e5ddde6336MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 or below do not provide an adequate session management for the administrative web interface. This allows adjacent attackers with access to the management network to read and modify the configuration of the device.
c694be2f3aeadf3e34a15c75c0c332496dca8eac6b5590d03759fec352bbdae6Gentoo Linux Security Advisory 202312-2 - A vulnerability has been found in Minecraft Server which leads to remote code execution. Versions greater than or equal to 1.18.1 are affected.
eed2c883b2664d05201148a078623ae24f53eec4bbf6382d0f9e73b5a2ce9dbaUbuntu Security Notice 6560-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue. Luci Stanescu discovered that OpenSSH incorrectly added destination constraints when smartcard keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
51525d3d372386042a7048e135a3579c6ec9ecb0ef1d895b68c1fc09cff7aaecTYPO3 version 11.5.24 suffers from a path traversal vulnerability.
03813e6c817dd07d0776cc4f2e231198a5090417fd417056ae4cf86789054797MajorDoMo versions prior to 0662e5e suffer from an unauthenticated remote code execution vulnerability.
230b495a6b7565bbb5d5945866c2290e007fca5c2b4cb6c9a1eee7926b83eddcApple Security Advisory 12-19-2023-1 - macOS Sonoma 14.2.1 addresses a session tracking issue.
ff03743c830c771fbd01d7356186b7a027eac19c6ac1a3a6bf86931d463c3b93Red Hat Security Advisory 2023-7879-03 - An update for opensc is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and out of bounds read vulnerabilities.
16e6e4713eedc916c1c323c6a070fec9bfe4595b8fb4781c7f863e71a367c259Red Hat Security Advisory 2023-7877-03 - An update for openssl is now available for Red Hat Enterprise Linux 8.
79766b90d0f80e7196504f3ddf5e7b091dcb56864a6c0e4babe5c713cefd9c29Red Hat Security Advisory 2023-7876-03 - An update for opensc is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
e166f025c98c78bc231527d657dc8d681065b9f4b2220116fa85d72d3953db7fRed Hat Security Advisory 2023-7875-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
6c18c13067330635a2b542912efdc2ce7855424b4a9cafe4165efcc6e622222bRed Hat Security Advisory 2023-7874-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
de402adf8e7a899128a25da20c1b4f7f603d4fef545aca232c98c74979caa9c8Red Hat Security Advisory 2023-7873-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow and use-after-free vulnerabilities.
db642aaf2431e4e6b3a4ee4c2674c8c1fee0b0b42f9df814ee4b41c747d5efeeRed Hat Security Advisory 2023-7872-03 - An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.
aaf07f4cd9a29b5f433294d53ca3a36a3a01ccffd46a28760f760e6eacefbadfIn this paper, the authors show that as new encryption algorithms and mitigations were added to SSH, the SSH Binary Packet Protocol is no longer a secure channel: SSH channel integrity (INT-PST) is broken for three widely used encryption modes. This allows prefix truncation attacks where some encrypted packets at the beginning of the SSH channel can be deleted without the client or server noticing it. They demonstrate several real-world applications of this attack. They show that they can fully break SSH extension negotiation (RFC 8308), such that an attacker can downgrade the public key algorithms for user authentication or turn off a new countermeasure against keystroke timing attacks introduced in OpenSSH 9.5. They also identified an implementation flaw in AsyncSSH that, together with prefix truncation, allows an attacker to redirect the victim's login into a shell controlled by the attacker. Related proof of concept code from their github has been added to this archive.
3d6be8cc2a9c624a06990226485956c5d92675a632da2182c2546e4af814ff93
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed