Progress WhatsUp Gold WriteDatafile unauthenticated remote code execution proof of concept exploit.

Progress WhatsUp Gold WriteDatafile Unauthenticated Remote Code Execution

Progress WhatsUp Gold GetFileWithoutZip unauthenticated remote code execution proof of concept exploit.

Progress WhatsUp Gold GetFileWithoutZip Unauthenticated Remote Code Execution

Gentoo Linux Security Advisory 202407-19 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.11.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202407-19  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Mozilla Thunderbird: Multiple Vulnerabilities  
     Date: July 06, 2024  
     Bugs: #932375  
       ID: 202407-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Mozilla Thunderbird,  
the worst of which could lead to remote code execution.

Background  
==========

Mozilla Thunderbird is a popular open-source email client from the  
Mozilla project.

Affected packages  
=================

Package                      Vulnerable    Unaffected  
---------------------------  ------------  ------------  
mail-client/thunderbird      < 115.11.0    >= 115.11.0  
mail-client/thunderbird-bin  < 115.11.0    >= 115.11.0

Description  
===========

Multiple vulnerabilities have been discovered in Mozilla Thunderbird.  
Please review the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Mozilla Thunderbird binary users should upgrade to the latest  
version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-115.11.0"

All Mozilla Thunderbird users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-115.11.0"

References  
==========

[ 1 ] CVE-2024-2609  
      https://nvd.nist.gov/vuln/detail/CVE-2024-2609  
[ 2 ] CVE-2024-3302  
      https://nvd.nist.gov/vuln/detail/CVE-2024-3302  
[ 3 ] CVE-2024-3854  
      https://nvd.nist.gov/vuln/detail/CVE-2024-3854  
[ 4 ] CVE-2024-3857  
      https://nvd.nist.gov/vuln/detail/CVE-2024-3857  
[ 5 ] CVE-2024-3859  
      https://nvd.nist.gov/vuln/detail/CVE-2024-3859  
[ 6 ] CVE-2024-3861  
      https://nvd.nist.gov/vuln/detail/CVE-2024-3861  
[ 7 ] CVE-2024-3864  
      https://nvd.nist.gov/vuln/detail/CVE-2024-3864

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202407-19

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202407-19

Microsoft Office 365 appears susceptible to macro code execution that can result in remote code execution.

    ### [CVE-2024-30104](https://attackerkb.com/contributors/nu11secur1ty)The problem is still in the "docx" files this vulnerability is a 0 daybased on the Follina exploit. The Microsoft company still doesn't wantto understand, that they MUST remove macros options from the 365Office and their offline app. In this video, you will see an exampleof this, how some users can be trickery to open the malicious filethat is sent to them by the attacker. After execution of the file, thething will be very bad for the users who execute it on their computer.It depends of the scenario.### The exploit:```vbsSub AutoOpen()Dim Program As StringDim TaskID As DoubleOn Error Resume NextProgram = "shutdown /R"TaskID = Shell(Program, 1)If Err <> 0 ThenMsgBox "Can't start " & ProgramEnd IfEnd Sub```- Enjoy watching### PoC:[video](https://www.patreon.com/posts/cve-2024-30104-107163015)

Microsoft Office 265 Remote Code Execution

Gentoo Linux Security Advisory 202407-14 - Multiple vulnerabilities have been discovered in TigerVNC, the worst of which could lead to remote code execution. Versions greater than or equal to 1.12.0-r2 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202407-14  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: TigerVNC: Multiple Vulnerabilities  
     Date: July 05, 2024  
     Bugs: #700464  
       ID: 202407-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in TigerVNC, the worst of  
which could lead to remote code execution.

Background  
==========

TigerVNC is a high-performance VNC server/client.

Affected packages  
=================

Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
net-misc/tigervnc  < 1.12.0-r2   >= 1.12.0-r2

Description  
===========

Multiple vulnerabilities have been discovered in TigerVNC. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All TigerVNC users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=net-misc/tigervnc-1.12.0-r2"

References  
==========

[ 1 ] CVE-2019-15691  
      https://nvd.nist.gov/vuln/detail/CVE-2019-15691  
[ 2 ] CVE-2019-15692  
      https://nvd.nist.gov/vuln/detail/CVE-2019-15692  
[ 3 ] CVE-2019-15694  
      https://nvd.nist.gov/vuln/detail/CVE-2019-15694  
[ 4 ] CVE-2019-15695  
      https://nvd.nist.gov/vuln/detail/CVE-2019-15695  
[ 5 ] CVE-2020-26117  
      https://nvd.nist.gov/vuln/detail/CVE-2020-26117

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202407-14

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202407-14

Gentoo Linux Security Advisory 202407-10 - Multiple vulnerabilities have been discovered in Sofia-SIP, the worst of which can lead to remote code execution. Versions prior to 1.13.16 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202407-10  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High  
    Title: Sofia-SIP: Multiple Vulnerabilities  
     Date: July 05, 2024  
     Bugs: #891791  
       ID: 202407-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been discovered in Sofia-SIP, the worst of  
which can lead to remote code execution.

Background  
==========

Sofia-SIP is an RFC3261 compliant SIP User-Agent library.

Affected packages  
=================

Package             Vulnerable    Unaffected  
------------------  ------------  ------------  
net-libs/sofia-sip  < 1.13.16     Vulnerable!

Description  
===========

Multiple vulnerabilities have been discovered in Sofia-SIP. Please  
review the CVE identifiers referenced below for details.

Impact  
======

Multiple vulnerabilities have been discovered in Sofia-SIP. Please  
review the CVE identifiers referenced below for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

Gentoo has discontinued support for the Sofia-SIP package. We recommend  
that users unmerge it:

  # emerge --ask --depclean "net-libs/sofia-sip"

References  
==========

[ 1 ] CVE-2023-22741  
      https://nvd.nist.gov/vuln/detail/CVE-2023-22741  
[ 2 ] CVE-2023-32307  
      https://nvd.nist.gov/vuln/detail/CVE-2023-32307

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202407-10

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202407-10

Debian Linux Security Advisory 5725-1 - Johannes Kuhn discovered that messages and channel names are not properly escaped in the modtcl module in ZNC, a IRC bouncer, which could result in remote code execution via specially crafted messages.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5725-1                   security@debian.orghttps://www.debian.org/security/                     Salvatore BonaccorsoJuly 03, 2024                         https://www.debian.org/security/faq- -------------------------------------------------------------------------Package        : zncCVE ID         : CVE-2024-39844Debian Bug     : 1075729Johannes Kuhn discovered that messages and channel names are notproperly escaped in the modtcl module in ZNC, a IRC bouncer, which couldresult in remote code execution via specially crafted messages.For the oldstable distribution (bullseye), this problem has been fixedin version 1.8.2-2+deb11u1.For the stable distribution (bookworm), this problem has been fixed inversion 1.8.2-3.1+deb12u1.We recommend that you upgrade your znc packages.For the detailed security status of znc please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/zncFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: debian-security-announce@lists.debian.org-----BEGIN PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmaFtdJfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0SD/w/9GnF+OQrjFxg2waLPlyE25kUbjXQUN1XkSyJO44eVlpLl8C2QJHx1w6f++9WENFPxksEE5XcXi/tbdNw5haqvkWv8AvnQ8w0YAQzT9/p5US9Osm5WEky2XPhjinvpQCSm19rUEKYhaU0PlTf3xIoxtI3SifTF0dQNv9WKRP2kBbSKnUYPITpXSz87qgfqHZB/EW8IOBQ6hOn4DPGwtLGad3nqdPUij1PO5YRh2I/CjU9etj0JJtFSHowgg5d5P6vdmbCSQ02OB8NGD/qeJtgou62GPRnRkYacXZSD/x+znwfoRdJZhp/VbhRaPzGLWIwt6g0TX/VJ+NiK5mQ9JkAo78dVJUWpOmjtlRzisGD6OwZtEtuEul60E3d5YS++IPkVZvy1yEZuChWwGtWwJA9u4kU3Yss4qbayQzXKS9tN1ZZnHIGaWE2zDekXhVf9/xpU6WPOeqVfiqeR0OoVnbVuh5zlZXqFupa5dCaXlyJDyXDAVDfuK4WwZK1dODwBkYsjY4sxPfzFQ0ANTLorhqEpVrE8okpiVmkISG+sdqNXRbmQN8TN9D7P34/NS13+arq3/fTQTZFPKMgT37mKXs15XjTPpTlgTOwkoZWR36klZDvY7mbtyqjdifBxE9LstG9iXAXnwTum0s+NnEovBAOq9gkgu7Ahw45RIqmf0BRHF/w==zbCH-----END PGP SIGNATURE-----

Debian Security Advisory 5725-1

103 models of Toshiba Multi-Function Printers (MFP) are vulnerable to 40 different vulnerabilities including remote code execution, local privilege escalation, xml injection, and more.

Toshiba Multi-Function Printers 40 Vulnerabilities

308 different models of Sharp Multi-Function Printers (MFP) are vulnerable to 18 different vulnerabilities including remote code execution, local file inclusion, credential disclosure, and more.

Sharp Multi-Function Printer 18 Vulnerabilities

Red Hat Security Advisory 2024-4312-03 - An update for openssh is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_4312.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: openssh security updateAdvisory ID:        RHSA-2024:4312-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:4312Issue date:         2024-07-03Revision:           03CVE Names:          CVE-2024-6387====================================================================Summary: An update for openssh is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.Security Fix(es):* openssh: Possible remote code execution due to a race condition in signal handling (CVE-2024-6387)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6387References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2294604

Tag

#rce