Red Hat Security Advisory 2024-7203-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7203.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: git-lfs security updateAdvisory ID:        RHSA-2024:7203-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7203Issue date:         2024-09-26Revision:           03CVE Names:          CVE-2024-34156====================================================================Summary: An update for git-lfs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.Security Fix(es):* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-34156References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2310528

Red Hat Security Advisory 2024-7203-03

Red Hat Security Advisory 2024-7202-03 - An update for grafana is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_7202.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: grafana security updateAdvisory ID:        RHSA-2024:7202-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:7202Issue date:         2024-09-26Revision:           03CVE Names:          CVE-2024-34156====================================================================Summary: An update for grafana is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es):* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-34156References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2310528

Red Hat Security Advisory 2024-7202-03

Debian Linux Security Advisory 5775-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5775-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonSeptember 26, 2024                    https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-9120 CVE-2024-9121 CVE-2024-9122 CVE-2024-9123Security issues were discovered in Chromium which could resultin the execution of arbitrary code, denial of service, or informationdisclosure.For the stable distribution (bookworm), these problems have been fixed inversion 129.0.6668.70-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmb1qSEACgkQZF0CR8NudjdJ1xAAwHCBuCBtp2ecK6dEPHkMkq5rb+kr907VAzDoH7xs7qLe95pf7oKoC4H4d2yvb57sb8uU6QlUX42GzfiE2cT6UaZXLigh4Fxi5x/uW4dwT5E6OHnEzugAbLsBj5k8VKevPrI0D7rqXQWtPfDCDdwMCkc2jmbzLdPIcTmkeU1+uyF6xzoCD12O/lQw+ybpyv1Y2om3VIxdDil6wAO+m3GILGrAeSkxs5AY8Etsy1zInhQlmJfgya+AV25egzm3w+rmx54zkea4RSLK75yLmWlMNGXLYSlX8jykSBdM+fFvLTmWbvOj4lI/4vBZPPcNW2DNRC+K4jwURSUyeJoq6zhCgebjXR1FfI4Ebehht/7Wrum+y6w97+liPtNj930oOywXNUZEy3r/5k6EEYiul7I2DHVo/y1GlsdSpdIz8dd1bN3H3vlBhJ2P62ZUVOLAzAsyfCJV6AEi8XSa64bcH2+qPn4J076PrXx9bX09Mmigafi3bDDFgCwktbF98FX+Bbfy46Hxnh5fheWmzEMErsLBpSxABJGL4yqVDiQgRX//FDdxF71i09jEbbQAlBxUtpve8FfMF3D2xEjufY4OU9NK75xfVu8sV7EWRgJT824Sbzz4M+FfvWe2aG1HBzbHFkPwHiavpFh3hAuTEq3zpf5C0a1+z3A4MuqQIuex/9bFsGQ==gfXn-----END PGP SIGNATURE-----

Debian Security Advisory 5775-1

Ubuntu Security Notice 7040-1 - It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service.

==========================================================================  
Ubuntu Security Notice USN-7040-1  
September 26, 2024

configobj vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS

Summary:

ConfigObj could be made to crash if it received specially crafted input.

Software Description:  
- configobj: simple but powerful config file reader and writer for Python

Details:

It was discovered that ConfigObj contains regex that is susceptible to  
catastrophic backtracking. An attacker could possibly use this issue to  
cause a regular expression denial of service.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS  
  python3-configobj               5.0.6-5ubuntu0.1

Ubuntu 20.04 LTS  
  python3-configobj               5.0.6-4ubuntu0.1

Ubuntu 18.04 LTS  
  python-configobj                5.0.6-2ubuntu0.18.04.1~esm1  
                                  Available with Ubuntu Pro  
  python3-configobj               5.0.6-2ubuntu0.18.04.1~esm1  
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS  
  python-configobj                5.0.6-2ubuntu0.16.04.1~esm1  
                                  Available with Ubuntu Pro  
  python3-configobj               5.0.6-2ubuntu0.16.04.1~esm1  
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-7040-1  
  CVE-2023-26112

Package Information:  
  https://launchpad.net/ubuntu/+source/configobj/5.0.6-5ubuntu0.1  
  https://launchpad.net/ubuntu/+source/configobj/5.0.6-4ubuntu0.1

Ubuntu Security Notice USN-7040-1

Simple Online Banking System version 1.0 suffers from an ignored default credential vulnerability.

    =============================================================================================================================================| # Title     : Simple Online Banking System v1.0 Insecure Settings Vulnerability                                                           || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/php/14868/banking-system-using-php-free-source-code.html                                     |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user = admin & pass = admin123[+] https://www/127.0.0.1/demo/site/loginGreetings to :=====================================================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|===================================================================================================

Simple Online Banking System 1.0 Insecure Settings

ABB Cylon Aspect version 3.07.01 BMS/BAS controller is operating with default and hard-coded credentials contained in install package while exposed to the Internet.

    ABB Cylon Aspect 3.07.01 (config.inc.php) Hard-coded Credentials in phpMyAdminVendor: ABB Ltd.Product web page: https://www.global.abbAffected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio                  Firmware: <=3.07.01Summary: ASPECT is an award-winning scalable building energy managementand control solution designed to allow users seamless access to theirbuilding data through standard building protocols including smart devices.Desc: The ABB BMS/BAS controller is operating with default and hard-codedcredentials contained in install package while exposed to the Internet.Tested on: GNU/Linux 3.15.10 (armv7l)           GNU/Linux 3.10.0 (x86_64)           GNU/Linux 2.6.32 (x86_64)           Intel(R) Atom(TM) Processor E3930 @ 1.30GHz           Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz           PHP/7.3.11           PHP/5.6.30           PHP/5.4.16           PHP/4.4.8           PHP/5.3.3           AspectFT Automation Application Server           lighttpd/1.4.32           lighttpd/1.4.18           Apache/2.2.15 (CentOS)           OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64)           OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)           phpMyAdmin 2.11.9Vulnerability discovered by Gjoko 'LiquidWorm' Krstic                            @zeroscienceReported by DIVDAdvisory ID: ZSL-2024-5830Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5830.phpCVE ID: CVE-2024-4007CVE URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-400721.04.2024--$ cat project                 P   R   O   J   E   C   T                        .|                        | |                        |'|            ._____                ___    |  |            |.   |' .---"|        _    .-'   '-. |  |     .--'|  ||   | _|    |     .-'|  _.|  |    ||   '-__  |   |  |    ||      |     |' | |.    |    ||       | |   |  |    ||      | ____|  '-'     '    ""       '-'   '-.'    '`      |____░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓█▓▒░▒▓███████▓▒░  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░                                                                     ░▒▓████████▓▒░▒▓██████▓▒░ ░▒▓██████▓▒░          ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░░░░░░          ░▒▓██████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░░▒▓██████▓▒░ ░▒▓██████▓▒░                                                                                                                                                              $ cat max/var/www/html/phpMyAdmin/config.inc.php | grep control$cfg['Servers'][$i]['controluser'] = 'root';$cfg['Servers'][$i]['controlpass'] = 'F@c1liTy';

ABB Cylon Aspect 3.07.01 Hard-Coded Credentials

Proof of concept toolkit to demonstrate the issue noted in CVE-2023-52709 related to the TI bluetooth stack. When running Defensics test case #SMP legacy 1001 with loop mode on DUT configured as resolvable private address, after a while, the device will end up generating unresolvable random private address causing denial of service for already bonded peer devices.

TI Bluetooth Denial Of Service

pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.

pgAdmin 8.11 Information Disclosure

Ubuntu Security Notice 7039-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7039-1September 26, 2024linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 LTS- Ubuntu 14.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-kvm: Linux kernel for cloud environments- linux-lts-xenial: Linux hardware enablement kernel from Xenial for TrustyDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - GPU drivers;  - Input Device (Tablet) drivers;  - Modular ISDN driver;  - Multiple devices driver;  - Network drivers;  - Near Field Communication (NFC) drivers;  - SCSI drivers;  - GCT GDM724x LTE driver;  - USB subsystem;  - VFIO drivers;  - GFS2 file system;  - JFS file system;  - NILFS2 file system;  - Networking core;  - IPv4 networking;  - L2TP protocol;  - Netfilter;  - RxRPC session sockets;(CVE-2024-26651, CVE-2024-38583, CVE-2023-52527, CVE-2024-26880,CVE-2022-48850, CVE-2024-26733, CVE-2021-47188, CVE-2024-42154,CVE-2023-52809, CVE-2024-42228, CVE-2022-48863, CVE-2022-48836,CVE-2022-48838, CVE-2024-26677, CVE-2024-27437, CVE-2022-48857,CVE-2022-48791, CVE-2021-47181, CVE-2024-26851, CVE-2024-40902,CVE-2022-48851, CVE-2024-38570)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 LTS  linux-image-4.4.0-1137-kvm      4.4.0-1137.147                                  Available with Ubuntu Pro  linux-image-4.4.0-1174-aws      4.4.0-1174.189                                  Available with Ubuntu Pro  linux-image-4.4.0-259-generic   4.4.0-259.293                                  Available with Ubuntu Pro  linux-image-4.4.0-259-lowlatency  4.4.0-259.293                                  Available with Ubuntu Pro  linux-image-aws                 4.4.0.1174.178                                  Available with Ubuntu Pro  linux-image-generic             4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-generic-lts-utopic  4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-generic-lts-vivid   4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-generic-lts-wily    4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-generic-lts-xenial  4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-kvm                 4.4.0.1137.134                                  Available with Ubuntu Pro  linux-image-lowlatency          4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-lowlatency-lts-utopic  4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-lowlatency-lts-vivid  4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-lowlatency-lts-wily  4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-lowlatency-lts-xenial  4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-virtual             4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-virtual-lts-utopic  4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-virtual-lts-vivid   4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-virtual-lts-wily    4.4.0.259.265                                  Available with Ubuntu Pro  linux-image-virtual-lts-xenial  4.4.0.259.265                                  Available with Ubuntu ProUbuntu 14.04 LTS  linux-image-4.4.0-1136-aws      4.4.0-1136.142                                  Available with Ubuntu Pro  linux-image-4.4.0-259-generic   4.4.0-259.293~14.04.1                                  Available with Ubuntu Pro  linux-image-4.4.0-259-lowlatency  4.4.0-259.293~14.04.1                                  Available with Ubuntu Pro  linux-image-aws                 4.4.0.1136.133                                  Available with Ubuntu Pro  linux-image-generic-lts-xenial  4.4.0.259.293~14.04.1                                  Available with Ubuntu Pro  linux-image-lowlatency-lts-xenial  4.4.0.259.293~14.04.1                                  Available with Ubuntu Pro  linux-image-virtual-lts-xenial  4.4.0.259.293~14.04.1                                  Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7039-1  CVE-2021-47181, CVE-2021-47188, CVE-2022-48791, CVE-2022-48836,  CVE-2022-48838, CVE-2022-48850, CVE-2022-48851, CVE-2022-48857,  CVE-2022-48863, CVE-2023-52527, CVE-2023-52809, CVE-2024-26651,  CVE-2024-26677, CVE-2024-26733, CVE-2024-26851, CVE-2024-26880,  CVE-2024-27437, CVE-2024-38570, CVE-2024-38583, CVE-2024-40902,  CVE-2024-42154, CVE-2024-42228

Ubuntu Security Notice USN-7039-1

Ubuntu Security Notice 7021-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7021-3September 26, 2024linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-lowlatency: Linux low latency kernel- linux-lowlatency-hwe-5.15: Linux low latency kernelDetails:Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - GPU drivers;  - BTRFS file system;  - F2FS file system;  - GFS2 file system;  - BPF subsystem;  - Netfilter;  - RxRPC session sockets;  - Integrity Measurement Architecture(IMA) framework;(CVE-2024-39494, CVE-2024-38570, CVE-2024-27012, CVE-2024-39496,CVE-2024-42160, CVE-2024-41009, CVE-2024-42228, CVE-2024-26677)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS  linux-image-5.15.0-122-lowlatency  5.15.0-122.132  linux-image-5.15.0-122-lowlatency-64k  5.15.0-122.132  linux-image-lowlatency          5.15.0.122.111  linux-image-lowlatency-64k      5.15.0.122.111Ubuntu 20.04 LTS  linux-image-5.15.0-122-lowlatency  5.15.0-122.132~20.04.1  linux-image-5.15.0-122-lowlatency-64k  5.15.0-122.132~20.04.1  linux-image-lowlatency-64k-hwe-20.04  5.15.0.122.132~20.04.1  linux-image-lowlatency-hwe-20.04  5.15.0.122.132~20.04.1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7021-3  https://ubuntu.com/security/notices/USN-7021-2  https://ubuntu.com/security/notices/USN-7021-1  CVE-2024-26677, CVE-2024-27012, CVE-2024-38570, CVE-2024-39494,  CVE-2024-39496, CVE-2024-41009, CVE-2024-42160, CVE-2024-42228Package Information:  https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-122.132  https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-5.15/5.15.0-122.132~20.04.1

Source

Packet Storm