#windows

A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable.

By Waqas The cyberattack has forced the technology giant to shut down and take some of its operations offline. This is a post from HackRead.com Read the original post: Western Digital Security Breach – Hackers infiltrate Internal Systems

Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI.

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk. Version 2.4.13.2 contains a patch for this issue. As a workaround, avoid using `OIDCStripCookies`.

By Waqas Mullvad VPN and the Tor Project Join Forces to Launch Mullvad Browser, a Privacy-Focused Web Browser. This is a post from HackRead.com Read the original post: Mullvad VPN and Tor Project Release Mullvad Browser

Categories: News Tags: Lock and Code Tags: Anna Pobletts Tags: ChatGPT Tags: World Backup Day Tags: GitHub Tags: accidental breach Tags: DDoS service Tags: Instagram scammer Tags: top cyber threats of 2023 Tags: 3CX Tags: BingBang Tags: Apple Tags: EE phing Tags: phishing Tags: ransomware The most interesting security related news from the week of March 27 to April 2. (Read more...) The post A week in security (March 27 - April 2) appeared first on Malwarebytes Labs.

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text.

A vulnerability, which was classified as critical, has been found in sjqzhang go-fastdfs up to 1.4.3. Affected by this issue is the function upload of the file /group1/uploa of the component File Upload Handler. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224768.

Plus: A major new supply chain attack, Biden’s spyware executive order, and a hacking campaign against Exxon’s critics.