Packet Storm

Ubuntu Security Notice 5871-2 - USN-5871-1 fixed vulnerabilities in Git. A backport fixing part of the vulnerability in CVE-2023-22490 was required. This update fix this for Ubuntu 18.04 LTS. It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make Git uses its local clone optimization even when using a non-local transport.

Ubuntu Security Notice 5908-1 - It was discovered that Sudo incorrectly handled the per-command chroot feature. In certain environments where Sudo is configured with a rule that contains a CHROOT setting, a local attacker could use this issue to cause Sudo to crash, resulting in a denial of service, or possibly escalate privileges.

NetBSD hfslib_reada_node_offset local overflow proof of concept exploit.

Ubuntu Security Notice 5482-2 - USN-5482-1 fixed several vulnerabilities in SPIP. This update provides the corresponding updates for Ubuntu 20.04 LTS for CVE-2021-44118, CVE-2021-44120,CVE-2021-44122 and CVE-2021-44123. It was discovered that SPIP incorrectly validated inputs. An authenticated attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS.

Ubuntu Security Notice 5907-1 - It was discovered that c-ares incorrectly handled certain sortlist strings. A remote attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.

This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote ColdFusion file, which is then downloaded and executed when accessed. The payload is uploaded as a cfm file when queried by the target server. When executed, the payload will run as the user specified during the Lucee installation. On Windows, this is a service account; on Linux, it is either the root user or lucee.

Ubuntu Security Notice 5906-1 - Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to obtain sensitive information.

Ubuntu Security Notice 5904-1 - Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Debian Linux Security Advisory 5367-1 - It was discovered that SPIP, a website engine for publishing, would allow a malicious user to execute arbitrary code.

Red Hat Security Advisory 2023-1047-01 - A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, server-side request forgery, and traversal vulnerabilities.