Red Hat Security Advisory 2023-5790-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5790.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-reportlab security updateAdvisory ID:        RHSA-2023:5790-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:5790Issue date:         2023-10-17Revision:           01CVE Names:          CVE-2019-19450====================================================================Summary: An update for python-reportlab is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python-reportlab is a library used for generation of PDF documents.Security Fix(es):* python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2019-19450References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2023-5790-01

Red Hat Security Advisory 2023-5789-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5789.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-reportlab security updateAdvisory ID:        RHSA-2023:5789-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:5789Issue date:         2023-10-17Revision:           01CVE Names:          CVE-2019-19450====================================================================Summary: An update for python-reportlab is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python-reportlab is a library used for generation of PDF documents.Security Fix(es):* python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2019-19450References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2023-5789-01

Red Hat Security Advisory 2023-5788-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5788.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-reportlab security updateAdvisory ID:        RHSA-2023:5788-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:5788Issue date:         2023-10-17Revision:           01CVE Names:          CVE-2019-19450====================================================================Summary: An update for python-reportlab is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python-reportlab is a library used for generation of PDF documents.Security Fix(es):* python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2019-19450References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2023-5788-01

Red Hat Security Advisory 2023-5787-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5787.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-reportlab security updateAdvisory ID:        RHSA-2023:5787-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:5787Issue date:         2023-10-17Revision:           01CVE Names:          CVE-2019-19450====================================================================Summary: An update for python-reportlab is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python-reportlab is a library used for generation of PDF documents.Security Fix(es):* python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2019-19450References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2023-5787-01

Red Hat Security Advisory 2023-5786-01 - Python-reportlab is a library used for generation of PDF documents. Issues addressed include a code execution vulnerability.

    The following data is constructed from data provided by Red Hat's json file at:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_5786.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: python-reportlab security updateAdvisory ID:        RHSA-2023:5786-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:5786Issue date:         2023-10-17Revision:           01CVE Names:          CVE-2019-19450====================================================================Summary: An update for python-reportlab is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Python-reportlab is a library used for generation of PDF documents.Security Fix(es):* python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2019-19450References:https://access.redhat.com/security/updates/classification/#important

Red Hat Security Advisory 2023-5786-01

Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted request containing malformed XML data, arbitrary files on the server containing account information may be read by the attacker.

2023/10/10  
2023/10/17　更新  
2023/10/18　更新

本脆弱性に対しCVE番号が割り当てられましたため、お知らせの件名、内容を更新いたしました。

**本脆弱性に対応したProself Ver5.63を2023/10/17にリリースいたしました。**  
なお、Proself Gateway Edition、Proself Mail Sanitize Editionの次期バージョンにつきましては、誠に恐れ入りますがリリースまでしばらくお待ちくださいますようお願い申し上げます。

アップデート手順につきましては以下URLで公開しているチュートリアルに記載しておりますので、ダウンロードの上ご確認ください。

  
平素はProselfをご利用いただき、誠にありがとうございます。

弊社製品であるProselfにおきまして新たなゼロデイ脆弱性が発見されました(2023/10/04付)。脆弱性の内容としてはXXE(XML External Entity)となります(CVE-2023-45727)。攻撃者はXXEを悪用してProselfのアカウント情報を外部に送信し、その情報を元にProselfへの不正ログインを試みている可能性がございます。

本脆弱性は以下のバージョンに含まれます。

*   Proself Ver5.62以下
*   Proself Gateway Edition Ver1.65以下
*   Proself Mail Sanitize Edition Ver1.08以下

  
既に本脆弱性が悪用されていることを確認しておりますため、Proselfをご利用中のお客様におかれましてはお手数をおかけし誠に申し訳ございませんが、以下について急ぎご確認をお願い申し上げます。

【目次】

*   攻撃を受けたかどうかの確認
*   暫定対応について
*   恒久策について
*   Proselfのゼロデイ脆弱性への対応バージョンに関する補足

**攻撃を受けたかどうかの確認**  

  
以下の手順にてご確認ください。

**◆Linux OSの場合**

1.  コンソールを起動後、Proselfインストールフォルダ/logs に移動します。(赤文字部分)  
    以下はProselfインストールフォルダが「/usr/local/Proself5」である場合の例となります。
    
    \# cd /usr/local/Proself5/logs  
    
2.  以下コマンドを実行します。(赤文字部分)
    
    \# grep "jp.co.northgrid.proself.updater.afterreboot.logic.AfterRebootCheckLogic  - .\*Proself Ver" proself\_updater.log\*  
    
    ※改行を含めず必ず1行にして実行ください。  
    また、ダブルクォーテーション内の半角スペースが以下のようになっているかどうかを必ずご確認ください。  
    (略)AfterRebootCheckLogic(半角スペース)(半角スペース)\-(半角スペース).\*Proself(略)  
    

  
**◆Windows OSの場合**  

1.  コマンドプロンプトを起動後、Proselfインストールフォルダ/logs に移動します。(赤文字部分)  
    以下はProselfインストールフォルダが「C:\\Program Files\\Proself5」である場合の例となります。
    
    C:\\>cd "C:\\Program Files\\Proself5\\logs"  
    
2.  以下コマンドを実行します。(赤文字部分)
    
    C:\\Program Files\\Proself5\\logs>findstr /R /C:"jp.co.northgrid.proself.updater.afterreboot.logic.AfterRebootCheckLogic  - .\*Proself Ver" proself\_updater.log\*  
    
    ※改行を含めず必ず1行にして実行ください。  
    また、ダブルクォーテーション内の半角スペースが以下のようになっているかどうかを必ずご確認ください。  
    (略)AfterRebootCheckLogic(半角スペース)(半角スペース)\-(半角スペース).\*Proself(略)  
    

  
上記コマンド実行結果の見方は以下の通りとなります。

*   **コマンド実行時に出力がある場合**  
    以下のような出力がある場合は攻撃が行われた可能性がございます。
    
    proself\_updater.log:ERROR 2023-10-05 00-00-00: 864643784 \[https-jsse-nio-443-exec-14\] jp.co.northgrid.proself.updater.afterreboot.logic.AfterRebootCheckLogic - 「Proself Ver (何らかの文字列)  
    
      
    出力がある場合は影響有無の確認等を弊社で行いたく存じますので、大変恐れ入りますが「info@proself.jp」までご連絡いただくか、以下弊社お問い合わせフォームよりお問い合わせくださいますようお願い申し上げます。
    
    ※その他、万が一疑わしいログがあった場合は弊社にご連絡ください。  
    
*   **コマンド実行時に何も出力がない場合**  
    攻撃は行われておりません。  
    

**暫定対応について**  

  
以下の手順を実施ください。  

*   暫定対応については脆弱性が悪用されたどうかに関わらず全てのお客様が対象ですので、必ず実施くださいますようお願い申し上げます。
*   Proselfのサービス再起動は不要で即時反映されます。
*   本対応によるProselfのご利用ユーザーに対する影響はございません。

  

1.  以下のダウンロードURLにアクセスし「updaterafterreboot.xml」をダウンロードします。
    
    **◆ダウンロードURL**  
    https://support.proself.jp/public/tAIqAwIAvqA2rlEAT4ffrY7laqegWFKh-foM
    
    上記アクセス時にメールアドレスを入力し「パスワードを取得」をクリックしますと、パスワードの入力画面に切り替わると共にワンタイムパスワードが記載されたメールが送信されます。  
    画面上のパスワード欄にワンタイムパスワードを入力の上「パスワード送信」をクリックください。
    
2.  ダウンロードした「updaterafterreboot.xml」を「◆ダウンロードしたファイルの上書き先」に記載しているフォルダ内に上書きコピーします。
    
    **◆ダウンロードしたファイルの上書き先**
    
    Proselfインストールフォルダ/webapps/proself/WEB-INF/xml/process/admin/config/  
    
      
    **◆Linux OSの例**  
    Proselfインストールフォルダが「/usr/local/Proself5」である場合は、「updaterafterreboot.xml」の上書き先は以下のようになります。
    
    /usr/local/Proself5/webapps/proself/WEB-INF/xml/process/admin/config/  
    
      
    **◆Windows OSの例**  
    Proselfインストールフォルダが「C:\\Program Files\\Proself5」である場合は、「updaterafterreboot.xml」の上書き先は以下のようになります。
    
    C:\\Program Files\\Proself5\\webapps\\proself\\WEB-INF\\xml\\process\\admin\\config\\  
    

**恒久策について**  

  
本お知らせ冒頭に記載しております通り、本脆弱性の対応を行ったProself Ver5.63をリリース済みですので、アップデートを実施くださいますようお願いいたします。  
なお、Proself Gateway Edition、Proself Mail Sanitize Editionの次期バージョンにつきましては、誠に恐れ入りますがリリースまでしばらくお待ちくださいますようお願い申し上げます。

この度はご迷惑をおかけし誠に申し訳ございません。

**Proselfのゼロデイ脆弱性への対応バージョンに関する補足**  

  
次期バージョンリリースの対象につきましては以下の通りとなりますことを補足申し上げます。

*   以下は現在サポート中のため、脆弱性対応を行ったバージョンをリリースいたします。  
    *   Proself Enterprise Edition Ver.5
    *   Proself Standard Edition Ver.5
    *   Proself Gateway Edition Ver.1
    *   Proself Mail Sanitize Edition Ver.1
*   以下はサポート終了しているため、脆弱性対応を行ったバージョンのリリースは行いません。  
    *   Proself Enterprise Edition Ver.4以下
    *   Proself Standard Edition Ver.4以下

【ご注意】  
Ver.4以下(Enterprise Edition/Standard Edition)をご利用中の場合、Proselfのご利用を停止するかVer.5へのバージョンアップをご検討ください。サポートが終了しているバージョンをこのまま利用し続けた場合、脆弱性を悪用され全てのファイルが流出してしまう危険性がございます。  

  
サポートに関しては「Proself年間保守サービス規約」に基づいております。規約については以下のURLをご参照ください。  
https://www.proself.jp/pdf/proselfsupport.pdf  
※規約は保守サービスライセンス証書の裏面に印刷されているものと同様です。

以上

CVE-2023-45727: お知らせ: [至急]Proselfのゼロデイ脆弱性(CVE-2023-45727)による攻撃発生について(更新) / オンラインストレージ構築パッケージ Proself (プロセルフ)

In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is fixed in 2.0.6




Hi.  
It is very easy to make Mosquitto use 100% of the CPU. Just run the command:  
openssl s\_client -connect mosquitt-server: 8883

I ran a look at the server code today and found the cause of the problem.  
Until a timeout occurs, the server will continue to execute the main loop without pausing. This is because epoll\_wait gets the EPOLLOUT event all the time. Below are two diagrams showing the CPU consumption with and without the fix.

Unfixed (100% CPU):  
mosquitto-cpuprof-TooHigh.pdf

with the fix (0.7% CPU):  
mosquitto-cpuprof-Normal.pdf

@ralight should check if my patch does not restore the problem that his commit solved  
fabdfcc

CVE-2023-5632: 100% CPU usage in case the client doesn't send data - bug fix by przemyslawzygmunt · Pull Request #2053 · eclipse/mosquitto

A lack of input sanitizing in the file download feature of eSST Monitoring v2.147.1 allows attackers to execute a path traversal.

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

CVE-2023-41629: CVE-Advisory/CVE-2023-41629-eSST-Path-Traversal.pdf at main · post-cyberlabs/CVE-Advisory

eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the Gii code generator component.

CVE-2023-41630: CVE-Advisory/CVE-2023-41630-eSST-Preauth-RCE.pdf at main · post-cyberlabs/CVE-Advisory

eSST Monitoring v2.147.1 was discovered to contain a remote code execution (RCE) vulnerability via the file upload function.

Tag

#pdf