#ssl

After months of meticulous planning, investigators finally move in to catch AlphaBay’s mastermind red-handed. Then the case takes a tragic turn.

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.

### Impact When [`tf.raw_ops.ResizeNearestNeighborGrad`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/resize_nearest_neighbor_op.cc) is given a large `size` input, it overflows. ``` import tensorflow as tf align_corners = True half_pixel_centers = False grads = tf.constant(1, shape=[1,8,16,3], dtype=tf.float16) size = tf.constant([1879048192,1879048192], shape=[2], dtype=tf.int32) tf.raw_ops.ResizeNearestNeighborGrad(grads=grads, size=size, align_corners=align_corners, half_pixel_centers=half_pixel_centers) ``` ### Patches We have patched the issue in GitHub commit [00c821af032ba9e5f5fa3fe14690c8d28a657624](https://github.com/tensorflow/tensorflow/commit/00c821af032ba9e5f5fa3fe14690c8d28a657624). The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. ### For more information Please consult [our security guide](h...

### Impact When [`tf.raw_ops.ImageProjectiveTransformV2`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc) is given a large output shape, it overflows. ```python import tensorflow as tf interpolation = "BILINEAR" fill_mode = "REFLECT" images = tf.constant(0.184634328, shape=[2,5,8,3], dtype=tf.float32) transforms = tf.constant(0.378575385, shape=[2,8], dtype=tf.float32) output_shape = tf.constant([1879048192,1879048192], shape=[2], dtype=tf.int32) tf.raw_ops.ImageProjectiveTransformV2(images=images, transforms=transforms, output_shape=output_shape, interpolation=interpolation, fill_mode=fill_mode) ``` ### Patches We have patched the issue in GitHub commit [8faa6ea692985dbe6ce10e1a3168e0bd60a723ba](https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba). The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also a...

### Impact When [`tf.raw_ops.FusedResizeAndPadConv2D`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/conv_ops_fused_image_transform.cc) is given a large tensor shape, it overflows. ```python import tensorflow as tf mode = "REFLECT" strides = [1, 1, 1, 1] padding = "SAME" resize_align_corners = False input = tf.constant(147, shape=[3,3,1,1], dtype=tf.float16) size = tf.constant([1879048192,1879048192], shape=[2], dtype=tf.int32) paddings = tf.constant([3,4], shape=[2], dtype=tf.int32) filter = tf.constant(123, shape=[1,3,4,1], dtype=tf.float16) tf.raw_ops.FusedResizeAndPadConv2D(input=input, size=size, paddings=paddings, filter=filter, mode=mode, strides=strides, padding=padding, resize_align_corners=resize_align_corners) ``` ### Patches We have patched the issue in GitHub commit [d66e1d568275e6a2947de97dca7a102a211e01ce](https://github.com/tensorflow/tensorflow/commit/d66e1d568275e6a2947de97dca7a102a211e01ce). The fix will be included in TensorFlow 2.1...

This Metasploit module exploits the logic in the CartView.php page when crafting a draft email with an attachment. By uploading an attachment for a draft email, the attachment will be placed in the /tmp_attach/ folder of the ChurchInfo web server, which is accessible over the web by any user. By uploading a PHP attachment and then browsing to the location of the uploaded PHP file on the web server, arbitrary code execution as the web daemon user (e.g. www-data) can be achieved.

This Metasploit module exploits a cross-site request forgery (CSRF) vulnerability in F5 Big-IP's iControl interface to write an arbitrary file to the filesystem. While any file can be written to any location as root, the exploitability is limited by SELinux; the vast majority of writable locations are unavailable. By default, we write to a script that executes at reboot, which means the payload will execute the next time the server boots. An alternate target - Login - will add a backdoor that executes next time a user logs in interactively. This overwrites a file, but we restore it when we get a session Note that because this is a CSRF vulnerability, it starts a web server, but an authenticated administrator must visit the site, which redirects them to the target.

Ubuntu Security Notice 5733-1 - It was discovered that FLAC was not properly performing memory management operations, which could result in a memory leak. An attacker could possibly use this issue to cause FLAC to consume resources, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. It was discovered that FLAC was not properly performing bounds checking operations when decoding data. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to expose sensitive information or to cause FLAC to crash, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

[Want Bob to stop complaining? Change your practices.] [Don't delay change – it can cost you] ["Always done it that way"? Think again.] [Why you should think again about doing it the old way] [Why you should think again about doing it the same old way] As IT professionals, we all reach a certain point in our IT career where we realize that some of our everyday tasks are done the same way year