#js

Red Hat Security Advisory 2023-3771-01 - The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection. Issues addressed include bypass, denial of service, and null pointer vulnerabilities.

Red Hat Security Advisory 2023-3741-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.

Debian Linux Security Advisory 5435-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in information disclosure or denial of service.

Red Hat Security Advisory 2023-3342-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.13. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-3725-01 - The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors.

Red Hat Security Advisory 2023-3723-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-3708-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.

### Summary The current cryptography implementation in Sliver up to version 1.5.39 allows a MitM with access to the corresponding implant binary to execute arbitrary codes on implanted devices via intercepted and crafted responses. (Reserved CVE ID: CVE-2023-34758) ### Details Please see [the PoC repo](https://github.com/tangent65536/Slivjacker). ### PoC Please also see [the PoC repo](https://github.com/tangent65536/Slivjacker). To setup a simple PoC environment, 1. Generate an implant with its C2 set to the PoC server's address and copy the embedded private implant key and public server key into the config json. 2. Run the implant on a separate VM and a `notepad.exe` window should pop up on the implanted VM. ### Impact A successful attack grants the attacker permission to execute arbitrary code on the implanted device. ### References https://github.com/BishopFox/sliver/blob/master/implant/sliver/cryptography/implant.go https://github.com/BishopFox/sliver/blob/master/...

A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request.