Malware Devil

Thursday, June 3, 2021

ESB-2021.1924 – [RedHat] EAP XP 1: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1924
EAP XP 1 security update to CVE fixes in the EAP 7.3.x base
3 June 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           EAP XP 1
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Cross-site Scripting            -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
                   Reduced Security                -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-21290 CVE-2021-20250 CVE-2021-20220
                   CVE-2020-35510 CVE-2020-28052 CVE-2020-13936
                   CVE-2020-8908

Reference:         ESB-2021.1755
                   ESB-2021.1431
                   ESB-2020.3065
                   ESB-2020.2837

Original Bulletin:
   https://access.redhat.com/errata/RHSA-2021:2210

--------------------------BEGIN INCLUDED TEXT--------------------


=====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: EAP XP 1 security update to CVE fixes in the EAP 7.3.x base
Advisory ID:       RHSA-2021:2210-01
Product:           Red Hat JBoss Enterprise Application Platform
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:2210
Issue date:        2021-06-02
CVE Names:         CVE-2020-8908 CVE-2020-13936 CVE-2020-28052
                   CVE-2020-35510 CVE-2021-20220 CVE-2021-20250
                   CVE-2021-21290
=====================================================================

1. Summary:

This advisory resolves CVE issues filed against XP1 releases that have been
fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP1
code base.

NOTE: This advisory is informational only. There are no code changes
associated with it. No action is required.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Description:

These are CVE issues filed against XP1 releases that have been fixed in the
underlying EAP 7.3.x base, so no changes to the EAP XP1 code base.

Security Fix(es):

* velocity: arbitrary code execution when attacker is able to modify
templates (CVE-2020-13936)

* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility
possible (CVE-2020-28052)

* jboss-remoting: Threads hold up forever in the EJB server by suppressing
the ack from an EJB client (CVE-2020-35510)

* undertow: Possible regression in fix for CVE-2020-10687 (CVE-2021-20220)

* wildfly: Information disclosure due to publicly accessible privileged
actions in JBoss EJB Client (CVE-2021-20250)

* netty: Information disclosure via the local system temporary directory
(CVE-2021-21290)

* guava: local information disclosure via temporary directory created with
unsafe permissions (CVE-2020-8908)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

3. Solution:

This advisory is informational only. There are no code changes associated
with it. No action is required.

4. Bugs fixed (https://bugzilla.redhat.com/):

1905796 – CVE-2020-35510 jboss-remoting: Threads hold up forever in the EJB server by suppressing the ack from an EJB client
1906919 – CVE-2020-8908 guava: local information disclosure via temporary directory created with unsafe permissions
1912881 – CVE-2020-28052 bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible
1923133 – CVE-2021-20220 undertow: Possible regression in fix for CVE-2020-10687
1927028 – CVE-2021-21290 netty: Information disclosure via the local system temporary directory
1929479 – CVE-2021-20250 wildfly: Information disclosure due to publicly accessible privileged actions in JBoss EJB Client
1937440 – CVE-2020-13936 velocity: arbitrary code execution when attacker is able to modify templates

5. References:

https://access.redhat.com/security/cve/CVE-2020-8908
https://access.redhat.com/security/cve/CVE-2020-13936
https://access.redhat.com/security/cve/CVE-2020-28052
https://access.redhat.com/security/cve/CVE-2020-35510
https://access.redhat.com/security/cve/CVE-2021-20220
https://access.redhat.com/security/cve/CVE-2021-20250
https://access.redhat.com/security/cve/CVE-2021-21290
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/articles/5734021
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide
https://access.redhat.com/articles/5886431

6. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

ESB-2021.1925 – [Debian] firefox-esr: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1925
firefox-esr security update
3 June 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           firefox-esr
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-29967

Reference:         ESB-2021.1897
                   ESB-2021.1896

Original Bulletin:
   http://www.debian.org/security/2021/dsa-4925

--------------------------BEGIN INCLUDED TEXT--------------------


-------------------------------------------------------------------------
Debian Security Advisory DSA-4925-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 02, 2021                         https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2021-29967

Multiple security issues have been found in the Mozilla Firefox
web browser, which could potentially result in the execution
of arbitrary code.

For the stable distribution (buster), this problem has been fixed in
version 78.11.0esr-1~deb10u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

--------------------------END INCLUDED TEXT--------------------


ESB-2021.1917 – [Win][UNIX/Linux][Ubuntu] Django: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1917
USN-4975-1: Django vulnerabilities
3 June 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Django
Publisher:         Ubuntu
Operating System:  Ubuntu
                   Windows
                   UNIX variants (UNIX, Linux, OSX)
Impact/Access:     Access Confidential Data -- Remote/Unauthenticated
                   Unauthorised Access      -- Remote/Unauthenticated
                   Reduced Security         -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-33571 CVE-2021-33203 CVE-2021-32052

Original Bulletin:
   https://ubuntu.com/security/notices/USN-4975-1

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Ubuntu. It is recommended that administrators
         running Django check for an updated version of the software for
         their operating system.

--------------------------BEGIN INCLUDED TEXT--------------------

USN-4975-1: Django vulnerabilities
02 June 2021

Several security issues were fixed in Django.
Releases

o Ubuntu 21.04
o Ubuntu 20.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS

Packages

o python-django – High-level Python web development framework

Details

It was discovered that the Django URLValidator function incorrectly handled
newlines and tabs. A remote attacker could possibly use this issue to
perform a header injection attack. This issue only affected Ubuntu 20.04
LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-32052)

Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django
incorrectly handled path sanitation in admindocs. A remote attacker could
possibly use this issue to determine the existence of arbitrary files and
in certain configurations obtain their contents. (CVE-2021-33203)

It was discovered that Django incorrectly handled IPv4 addresses with
leading zeros. A remote attacker could possibly use this issue to perform a
wide variety of attacks, including bypassing certain access restrictions.
(CVE-2021-33571)
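The leading-zero issue above (CVE-2021-33571) is a parser differential: a validator that lets "0177.0.0.1" through passes a string that a textual check for 127.0.0.1 never matches, while a C-library inet_aton-style parser further down the stack reads the leading-zero octet as octal and resolves it to exactly that address. The following is an added example, not Django's own code: parse_ipv4_strict is the kind of canonical-form check a validator needs, parse_ipv4_lenient is a simplified model of the octal/hex interpretation (four-part form only), and the denylist and sample addresses are constructed.

```python
import re
from typing import Iterable, Optional

# Strict dotted-decimal octet: "0", or a number with no leading zero.
_STRICT_OCTET = re.compile(r"^(?:0|[1-9][0-9]{0,2})$")
_DECIMAL = re.compile(r"^[0-9]+$")


def parse_ipv4_strict(text: str) -> Optional[bytes]:
    """Accept canonical dotted-decimal IPv4 only: exactly four octets,
    each 0-255, no leading zeros, no hex or octal spellings.
    Returns the four address bytes, or None when the text is rejected."""
    parts = text.split(".")
    if len(parts) != 4:
        return None
    out = bytearray()
    for part in parts:
        if not _STRICT_OCTET.match(part):
            return None
        value = int(part)
        if value > 255:
            return None
        out.append(value)
    return bytes(out)


def _lenient_octet(part: str) -> Optional[int]:
    """One octet as an inet_aton-style parser reads it: a 0x prefix means
    hex, a leading 0 means octal, anything else is decimal."""
    if part[:2].lower() == "0x":
        digits = part[2:]
        return int(digits, 16) if re.fullmatch(r"[0-9a-fA-F]+", digits) else None
    if len(part) > 1 and part[0] == "0":
        return int(part, 8) if re.fullmatch(r"[0-7]+", part) else None
    return int(part) if _DECIMAL.match(part) else None


def parse_ipv4_lenient(text: str) -> Optional[bytes]:
    """Simplified model of the lenient interpretation a downstream C
    resolver may apply to the same string (four-part form only)."""
    parts = text.split(".")
    if len(parts) != 4:
        return None
    out = bytearray()
    for part in parts:
        value = _lenient_octet(part)
        if value is None or value > 255:
            return None
        out.append(value)
    return bytes(out)


def denylist_bypassed(text: str, denylist: Iterable[str]) -> bool:
    """True when a check that compares the *text* against a denylist of
    canonical addresses lets `text` through, yet the lenient parser would
    resolve it to one of the denied addresses. That gap is what a
    validator tolerating leading zeros leaves open; a strict validator
    rejects such spellings before any comparison happens."""
    denylist = list(denylist)
    if text in denylist:
        return False  # the textual check already catches it
    denied = {parse_ipv4_strict(d) for d in denylist}
    denied.discard(None)
    resolved = parse_ipv4_lenient(text)
    return resolved is not None and resolved in denied


if __name__ == "__main__":
    # Constructed inputs: a denylist for loopback and alternative spellings
    # of it (0177 octal == 0x7f hex == 127 decimal).
    denylist = ["127.0.0.1"]
    for candidate in ["127.0.0.1", "0177.0.0.1", "0x7f.0.0.1", "127.0.0.01"]:
        print(f"{candidate:12} strict={parse_ipv4_strict(candidate)!r:24}"
              f" lenient={parse_ipv4_lenient(candidate)!r:24}"
              f" bypass={denylist_bypassed(candidate, denylist)}")
```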

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 21.04

o python3-django – 2:2.2.20-1ubuntu0.2

Ubuntu 20.10

o python3-django – 2:2.2.16-1ubuntu0.5

Ubuntu 20.04

o python3-django – 2:2.2.12-1ubuntu0.7

Ubuntu 18.04

o python3-django – 1:1.11.11-1ubuntu1.14
o python-django – 1:1.11.11-1ubuntu1.14

In general, a standard system update will make all the necessary changes.

References

o CVE-2021-32052
o CVE-2021-33571
o CVE-2021-33203

--------------------------END INCLUDED TEXT--------------------


ESB-2021.1918 – [Ubuntu] Dnsmasq: Provide misleading information – Remote/unauthenticated


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1918
USN-4976-1: Dnsmasq vulnerability
3 June 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Dnsmasq
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Provide Misleading Information -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-3448

Reference:         ESB-2021.0954

Original Bulletin:
   https://ubuntu.com/security/notices/USN-4976-1

--------------------------BEGIN INCLUDED TEXT--------------------

USN-4976-1: Dnsmasq vulnerability
02 June 2021

Dnsmasq could be exposed to cache poisoning.
Releases

o Ubuntu 21.04
o Ubuntu 20.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS

Packages

o dnsmasq – Small caching DNS proxy and DHCP/TFTP server

Details

Petr Mensik discovered that Dnsmasq incorrectly randomized source ports in
certain configurations. A remote attacker could possibly use this issue to
facilitate DNS cache poisoning attacks.

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 21.04

o dnsmasq – 2.84-1ubuntu2.1
o dnsmasq-utils – 2.84-1ubuntu2.1
o dnsmasq-base – 2.84-1ubuntu2.1

Ubuntu 20.10

o dnsmasq – 2.82-1ubuntu1.3
o dnsmasq-utils – 2.82-1ubuntu1.3
o dnsmasq-base – 2.82-1ubuntu1.3

Ubuntu 20.04

o dnsmasq – 2.80-1.1ubuntu1.4
o dnsmasq-utils – 2.80-1.1ubuntu1.4
o dnsmasq-base – 2.80-1.1ubuntu1.4

Ubuntu 18.04

o dnsmasq – 2.79-1ubuntu0.4
o dnsmasq-utils – 2.79-1ubuntu0.4
o dnsmasq-base – 2.79-1ubuntu0.4

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

o CVE-2021-3448

--------------------------END INCLUDED TEXT--------------------


ESB-2021.1919 – [Ubuntu] Linux kernel: Multiple vulnerabilities


===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1919
USN-4977-1: Linux kernel vulnerabilities
3 June 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:           Linux kernel
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
                   Access Confidential Data        -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-33033 CVE-2021-31916 CVE-2021-29647
                   CVE-2021-29155 CVE-2021-28972 CVE-2021-28971
                   CVE-2021-28964 CVE-2021-28660 CVE-2021-3501
                   CVE-2021-3483 CVE-2021-3428 CVE-2020-25673
                   CVE-2020-25672 CVE-2020-25671 CVE-2020-25670

Reference:         ESB-2021.1694
                   ESB-2021.1655

Original Bulletin:
   https://ubuntu.com/security/notices/USN-4977-1
   https://ubuntu.com/security/notices/USN-4979-1

Comment: This bulletin contains two (2) Ubuntu security advisories.

--------------------------BEGIN INCLUDED TEXT--------------------

USN-4977-1: Linux kernel vulnerabilities
02 June 2021

Several security issues were fixed in the Linux kernel.
Releases

o Ubuntu 21.04

Packages

o linux – Linux kernel
o linux-aws – Linux kernel for Amazon Web Services (AWS) systems
o linux-azure – Linux kernel for Microsoft Azure Cloud systems
o linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems
o linux-kvm – Linux kernel for cloud environments
o linux-oracle – Linux kernel for Oracle Cloud systems

Details

Kiyin discovered that the NFC LLCP protocol implementation in the
Linux kernel contained a reference counting error. A local attacker could
use this to cause a denial of service (system crash). (CVE-2020-25670)

Kiyin discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly deallocate memory in certain error
situations. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2020-25671, CVE-2020-25672)

Kiyin discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly handle error conditions in some situations,
leading to an infinite loop. A local attacker could use this to cause a
denial of service. (CVE-2020-25673)

Piotr Krysiuk and Benedict Schlueter discovered that the eBPF
implementation in the Linux kernel performed out of bounds speculation on
pointer arithmetic. A local attacker could use this to expose sensitive
information. (CVE-2021-29155)

Reiji Watanabe discovered that the KVM VMX implementation in the Linux
kernel did not properly prevent user space from tampering with an array
index value, leading to a potential out-of-bounds write. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3501)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 21.04

o linux-image-5.11.0-1008-aws – 5.11.0-1008.8
o linux-image-5.11.0-1008-gcp – 5.11.0-1008.9
o linux-image-5.11.0-1006-azure – 5.11.0-1006.6
o linux-image-oracle – 5.11.0.1007.7
o linux-image-azure – 5.11.0.1006.6
o linux-image-5.11.0-1008-kvm – 5.11.0-1008.8
o linux-image-5.11.0-18-lowlatency – 5.11.0-18.19
o linux-image-virtual – 5.11.0.18.19
o linux-image-gke – 5.11.0.1008.8
o linux-image-generic-64k – 5.11.0.18.19
o linux-image-generic – 5.11.0.18.19
o linux-image-5.11.0-18-generic – 5.11.0-18.19
o linux-image-5.11.0-18-generic-64k – 5.11.0-18.19
o linux-image-aws – 5.11.0.1008.8
o linux-image-kvm – 5.11.0.1008.8
o linux-image-5.11.0-18-generic-lpae – 5.11.0-18.19
o linux-image-5.11.0-1007-oracle – 5.11.0-1007.7
o linux-image-generic-lpae – 5.11.0.18.19
o linux-image-gcp – 5.11.0.1008.8
o linux-image-lowlatency – 5.11.0.18.19

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

o CVE-2020-25673
o CVE-2021-3501
o CVE-2021-29155
o CVE-2020-25672
o CVE-2020-25670
o CVE-2020-25671

Related notices

o USN-4948-1 : linux-image-oem-20.04-edge, linux-oem-5.10,
linux-image-5.10.0-1026-oem, linux-image-oem-20.04b

--------------------------------------------------------------------------------

USN-4979-1: Linux kernel vulnerabilities
03 June 2021

Several security issues were fixed in the Linux kernel.
Releases

o Ubuntu 18.04 LTS
o Ubuntu 16.04 ESM
o Ubuntu 14.04 ESM

Packages

o linux – Linux kernel
o linux-aws – Linux kernel for Amazon Web Services (AWS) systems
o linux-aws-hwe – Linux kernel for Amazon Web Services (AWS-HWE) systems
o linux-azure – Linux kernel for Microsoft Azure Cloud systems
o linux-azure-4.15 – Linux kernel for Microsoft Azure Cloud systems
o linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems
o linux-gcp-4.15 – Linux kernel for Google Cloud Platform (GCP) systems
o linux-hwe – Linux hardware enablement (HWE) kernel
o linux-kvm – Linux kernel for cloud environments
o linux-oracle – Linux kernel for Oracle Cloud systems
o linux-snapdragon – Linux kernel for Qualcomm Snapdragon processors

Details

Kiyin discovered that the NFC LLCP protocol implementation in the
Linux kernel contained a reference counting error. A local attacker could
use this to cause a denial of service (system crash). (CVE-2020-25670)

Kiyin discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly deallocate memory in certain error
situations. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2020-25671, CVE-2020-25672)

Kiyin discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly handle error conditions in some situations,
leading to an infinite loop. A local attacker could use this to cause a
denial of service. (CVE-2020-25673)

It was discovered that the Realtek RTL8188EU Wireless device driver in the
Linux kernel did not properly validate ssid lengths in some situations. An
attacker could use this to cause a denial of service (system crash).
(CVE-2021-28660)

Zygo Blaxell discovered that the btrfs file system implementation in the
Linux kernel contained a race condition during certain cloning operations.
A local attacker could possibly use this to cause a denial of service
(system crash). (CVE-2021-28964)

Vince Weaver discovered that the perf subsystem in the Linux kernel did not
properly handle certain PEBS records for some Intel Haswell
processors. A local attacker could use this to cause a denial of service
(system crash). (CVE-2021-28971)

It was discovered that the RPA PCI Hotplug driver implementation in the
Linux kernel did not properly handle device name writes via sysfs, leading
to a buffer overflow. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-28972)

It was discovered that the Qualcomm IPC router implementation in the Linux
kernel did not properly initialize memory passed to user space. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2021-29647)

Dan Carpenter discovered that the block device manager (dm) implementation
in the Linux kernel contained a buffer overflow in the ioctl for listing
devices. A privileged local attacker could use this to cause a denial of
service (system crash). (CVE-2021-31916)

It was discovered that the CIPSO implementation in the Linux kernel did not
properly perform reference counting in some situations, leading to
use-after-free vulnerabilities. An attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code. (CVE-2021-33033)

Wolfgang Frisch discovered that the ext4 file system implementation in the
Linux kernel contained an integer overflow when handling metadata inode
extents. An attacker could use this to construct a malicious ext4 file
system image that, when mounted, could cause a denial of service (system
crash). (CVE-2021-3428)

discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3483)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 18.04

o linux-image-4.15.0-1100-gcp – 4.15.0-1100.113
o linux-image-4.15.0-1092-kvm – 4.15.0-1092.94
o linux-image-4.15.0-144-generic-lpae – 4.15.0-144.148
o linux-image-gcp-lts-18.04 – 4.15.0.1100.118
o linux-image-oracle-lts-18.04 – 4.15.0.1072.82
o linux-image-4.15.0-1103-snapdragon – 4.15.0-1103.112
o linux-image-virtual – 4.15.0.144.131
o linux-image-snapdragon – 4.15.0.1103.106
o linux-image-4.15.0-144-generic – 4.15.0-144.148
o linux-image-4.15.0-1072-oracle – 4.15.0-1072.80
o linux-image-aws-lts-18.04 – 4.15.0.1103.106
o linux-image-generic – 4.15.0.144.131
o linux-image-4.15.0-1103-aws – 4.15.0-1103.110
o linux-image-4.15.0-1115-azure – 4.15.0-1115.128
o linux-image-kvm – 4.15.0.1092.88
o linux-image-azure-lts-18.04 – 4.15.0.1115.88
o linux-image-4.15.0-144-lowlatency – 4.15.0-144.148
o linux-image-generic-lpae – 4.15.0.144.131
o linux-image-lowlatency – 4.15.0.144.131

Ubuntu 16.04

o linux-image-gke – 4.15.0.1100.101
Available with UA Infra or UA Desktop
o linux-image-oracle – 4.15.0.1072.60
Available with UA Infra or UA Desktop
o linux-image-4.15.0-1100-gcp – 4.15.0-1100.113~16.04.1
Available with UA Infra or UA Desktop
o linux-image-4.15.0-144-lowlatency – 4.15.0-144.148~16.04.1
Available with UA Infra or UA Desktop
o linux-image-4.15.0-1103-aws – 4.15.0-1103.110~16.04.1
Available with UA Infra or UA Desktop
o linux-image-lowlatency-hwe-16.04 – 4.15.0.144.140
Available with UA Infra or UA Desktop
o linux-image-4.15.0-1115-azure – 4.15.0-1115.128~16.04.1
Available with UA Infra or UA Desktop
o linux-image-generic-hwe-16.04 – 4.15.0.144.140
Available with UA Infra or UA Desktop
o linux-image-4.15.0-144-generic – 4.15.0-144.148~16.04.1
Available with UA Infra or UA Desktop
o linux-image-gcp – 4.15.0.1100.101
Available with UA Infra or UA Desktop
o linux-image-oem – 4.15.0.144.140
Available with UA Infra or UA Desktop
o linux-image-virtual-hwe-16.04 – 4.15.0.144.140
Available with UA Infra or UA Desktop
o linux-image-azure – 4.15.0.1115.106
Available with UA Infra or UA Desktop
o linux-image-aws-hwe – 4.15.0.1103.94
Available with UA Infra or UA Desktop
o linux-image-4.15.0-1072-oracle – 4.15.0-1072.80~16.04.1
Available with UA Infra or UA Desktop

Ubuntu 14.04

o linux-image-4.15.0-1115-azure – 4.15.0-1115.128~14.04.1
Available with UA Infra or UA Desktop
o linux-image-azure – 4.15.0.1115.88
Available with UA Infra or UA Desktop

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

o CVE-2021-31916
o CVE-2021-3428
o CVE-2020-25670
o CVE-2020-25673
o CVE-2020-25672
o CVE-2021-28660
o CVE-2021-28971
o CVE-2021-28964
o CVE-2021-29647
o CVE-2021-3483
o CVE-2021-33033
o CVE-2020-25671
o CVE-2021-28972

Related notices

o USN-4945-1 : linux-image-generic-lpae, linux-image-generic-lpae-hwe-18.04,
linux-image-5.4.0-1043-gcp, linux-image-5.4.0-73-generic,
linux-image-snapdragon-hwe-18.04-edge, linux-gke, linux-gcp-5.4,
linux-image-5.4.0-73-generic-lpae, linux-image-generic-lpae-hwe-18.04-edge,
linux-image-gke, linux-image-virtual-hwe-18.04, linux-aws,
linux-image-oracle-edge, linux-gcp, linux-image-virtual-hwe-18.04-edge,
linux-image-5.4.0-1015-gkeop, linux-image-lowlatency, linux,
linux-image-5.4.0-1039-kvm, linux-image-oem, linux-image-5.4.0-1045-oracle,
linux-oracle, linux-image-snapdragon-hwe-18.04, linux-gkeop,
linux-image-gke-5.4, linux-image-virtual, linux-gke-5.4, linux-image-kvm,
linux-kvm, linux-azure-5.4, linux-image-5.4.0-1044-oracle,
linux-image-lowlatency-hwe-18.04-edge, linux-image-5.4.0-73-lowlatency,
linux-image-5.4.0-1047-azure, linux-image-gcp, linux-image-azure,
linux-hwe-5.4, linux-image-gcp-edge, linux-image-azure-edge,
linux-image-generic-hwe-18.04, linux-aws-5.4, linux-image-gkeop-5.4,
linux-image-aws, linux-image-generic, linux-oracle-5.4,
linux-image-5.4.0-1043-gke, linux-image-lowlatency-hwe-18.04,
linux-gkeop-5.4, linux-image-5.4.0-1048-aws, linux-image-gkeop,
linux-image-oracle, linux-image-aws-edge,
linux-image-generic-hwe-18.04-edge, linux-image-oem-osp1, linux-azure
o USN-4945-2 : linux-image-raspi2-hwe-18.04-edge,
linux-image-raspi2-hwe-18.04, linux-image-raspi-hwe-18.04, linux-raspi-5.4,
linux-image-raspi, linux-image-raspi2, linux-image-5.4.0-1035-raspi,
linux-image-raspi-hwe-18.04-edge, linux-raspi
o USN-4948-1 : linux-image-5.10.0-1026-oem, linux-oem-5.10,
linux-image-oem-20.04b, linux-image-oem-20.04-edge
o USN-4977-1 : linux-image-generic-lpae,
linux-image-generic-64k-hwe-20.04-edge, linux-image-gke,
linux-image-generic-64k, linux-aws, linux-gcp, linux-image-oem-20.04,
linux-image-lowlatency, linux-image-5.11.0-18-generic-64k,
linux-image-virtual-hwe-20.04, linux, linux-image-5.11.0-1006-azure,
linux-image-5.11.0-1008-aws, linux-oracle, linux-image-raspi,
linux-image-generic-lpae-hwe-20.04-edge, linux-image-virtual,
linux-image-5.11.0-1008-gcp, linux-image-raspi-nolpae,
linux-image-lowlatency-hwe-20.04-edge, linux-image-5.11.0-18-generic-lpae,
linux-raspi, linux-image-5.11.0-1009-raspi-nolpae, linux-image-kvm,
linux-kvm, linux-image-5.11.0-1007-oracle, linux-image-5.11.0-1009-raspi,
linux-image-generic-lpae-hwe-20.04, linux-image-lowlatency-hwe-20.04,
linux-image-gcp, linux-image-generic-hwe-20.04, linux-image-azure,
linux-image-virtual-hwe-20.04-edge, linux-image-5.11.0-1008-kvm,
linux-image-aws, linux-image-5.11.0-18-generic, linux-image-generic,
linux-image-generic-64k-hwe-20.04, linux-image-generic-hwe-20.04-edge,
linux-image-oracle, linux-image-5.11.0-18-lowlatency, linux-azure

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

The post ESB-2021.1919 – [Ubuntu] Linux kernel: Multiple vulnerabilities appeared first on Malware Devil.

ESB-2021.1920 – [Ubuntu] Firefox: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1920
USN-4978-1: Firefox vulnerabilities
3 June 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: Firefox
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Execute Arbitrary Code/Commands — Remote with User Interaction
Denial of Service — Remote with User Interaction
Provide Misleading Information — Remote with User Interaction
Access Confidential Data — Remote with User Interaction
Unauthorised Access — Remote with User Interaction
Reduced Security — Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2021-29967 CVE-2021-29966 CVE-2021-29961
CVE-2021-29960 CVE-2021-29959

Reference: ESB-2021.1897
ESB-2021.1896

Original Bulletin:
https://ubuntu.com/security/notices/USN-4978-1

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-4978-1: Firefox vulnerabilities
02 June 2021

Firefox could be made to crash or run programs as your login if it
opened a malicious website.

Releases

o Ubuntu 21.04
o Ubuntu 20.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS

Packages

o firefox – Mozilla Open Source web browser

Details

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, re-enable
camera devices without an additional permission prompt, spoof the browser
UI, or execute arbitrary code. (CVE-2021-29959, CVE-2021-29961,
CVE-2021-29966, CVE-2021-29967)

It was discovered that filenames printed from private browsing mode were
incorrectly retained in preferences. A local attacker could potentially
exploit this to obtain sensitive information. (CVE-2021-29960)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 21.04

o firefox – 89.0+build2-0ubuntu0.21.04.1

Ubuntu 20.10

o firefox – 89.0+build2-0ubuntu0.20.10.1

Ubuntu 20.04

o firefox – 89.0+build2-0ubuntu0.20.04.2

Ubuntu 18.04

o firefox – 89.0+build2-0ubuntu0.18.04.2

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

o CVE-2021-29960
o CVE-2021-29959
o CVE-2021-29961
o CVE-2021-29966
o CVE-2021-29967

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

The post ESB-2021.1920 – [Ubuntu] Firefox: Multiple vulnerabilities appeared first on Malware Devil.

ESB-2021.1913 – [Win][UNIX/Linux] McAfee Database Security (DBSec): Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1913
Security Bulletin – Database Security update fixes five vulnerabilities
3 June 2021

===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product: McAfee Database Security (DBSec)
Publisher: McAfee
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Impact/Access: Administrator Compromise — Remote/Unauthenticated
Access Privileged Data — Existing Account
Cross-site Scripting — Existing Account
Reduced Security — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-23898 CVE-2021-23897 CVE-2021-23896
CVE-2021-23895 CVE-2021-23894

Original Bulletin:
https://kc.mcafee.com/corporate/index?page=content&id=SB10359

- --------------------------BEGIN INCLUDED TEXT--------------------

McAfee Security Bulletin – Database Security update fixes five vulnerabilities
(CVE-2021-23894, CVE-2021-23895, CVE-2021-23896, CVE-2021-23897,
CVE-2021-23898)

Security Bulletins ID: SB10359

Last Modified: 6/1/2021

Summary

First Published: June 1, 2021

Product: Database Security (DBSec)
Impacted Versions: Prior to 4.8.2 (all CVEs below)

  CVE ID          Impact of Vulnerability                                       Severity   CVSS v3.1 Base / Temporal
  CVE-2021-23894  CWE-502: Deserialization of Untrusted Data                    Critical   9.6 / 8.6
  CVE-2021-23895  CWE-502: Deserialization of Untrusted Data                    Critical   9.0 / 8.1
  CVE-2021-23896  CWE-319: Cleartext Transmission of Sensitive Information      Low        3.2 / 2.9
  CVE-2021-23897  CWE-79: Improper Neutralization of Input During Web Page      Medium     5.9 / 5.3
                  Generation ('Cross-site Scripting')
  CVE-2021-23898  CWE-552: Files or Directories Accessible to External Parties  Medium     4.9 / 4.4

Recommendations: Install or update to DBSec 4.8.2
Security Bulletin Replacement: None
Location of updated software: http://www.mcafee.com/us/downloads/downloads.aspx

To receive email notification when this Security Bulletin is updated, click
Subscribe on the right side of the page. You must be logged on to subscribe.

Article contents:

o Vulnerability Description
o Remediation
o Frequently Asked Questions (FAQs)
o Resources
o Disclaimer

Vulnerability Description
DBSec is designed to be installed on a private network. As such, all
administrative and server-to-database connections are within a secured
network.

1. CVE-2021-23894 - DBSec-12494
Deserialization of untrusted data vulnerability in McAfee Database Security
(DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a
reverse shell with administrator privileges on the DBSec server via a
carefully constructed Java serialized object sent to the DBSec server.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23894
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23894
2. CVE-2021-23895 - DBSec-12496
Deserialization of untrusted data vulnerability in McAfee Database Security
(DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a
reverse shell with administrator privileges on the DBSec server via a
carefully constructed Java serialized object sent to the DBSec server.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23895
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23895
3. CVE-2021-23896 - DBSec-12503
Cleartext Transmission of Sensitive Information vulnerability in the
administrator interface of McAfee Database Security (DBSec) prior to 4.8.2
allows an administrator to view the unencrypted password of the McAfee
Insights Server account used to pass data to the Insights Server. This user is
restricted to only have access to DBSec data in the Insights Server.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23896
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23896
4. CVE-2021-23897 - DBSec-12497
Improper Neutralization of Input During Web Page Generation (‘Cross-site
Scripting’) vulnerability in McAfee Database Security (DBSec) prior to
4.8.2 allows an administrator to embed JavaScript code when configuring the
name of a database to be monitored. This would be triggered when any
authorized user logs into the DBSec interface and opens the properties
configuration page for this database.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23897
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23897
5. CVE-2021-23898 - DBSec-12502
Incorrect access to deleted scripts vulnerability in McAfee Database
Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to
gain access to signed SQL scripts which have been marked as deleted or
expired within the administrative console. This access was only available
through the REST API.
The scripts are retained so that they can be used when analyzing older
events, should they be required in the future. The impact has been judged to
be low as it is expected that the scripts are created in good faith.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23898

Remediation
To remediate this issue, customers should update to DBSec 4.8.2.

Go to the Product Downloads site, and download the applicable product update
file:
+-------+-------+------+------------+
|Product|Version|Type  |Release Date|
+-------+-------+------+------------+
|DBSec  |4.8.2  |Update|June 1, 2021|
+-------+-------+------+------------+

Download and Installation Instructions
For instructions to download McAfee product updates and hotfixes, see KB56057
(How to download Enterprise product updates and documentation). Review the
Release Notes and the Installation Guide for instructions on how to install
these updates. All documentation is available at https://docs.mcafee.com.

Frequently Asked Questions (FAQs)
How do I know if my McAfee product is vulnerable or not?
For endpoint products:
Use the following instructions for endpoint or client-based products:

1. Right-click the McAfee tray shield icon on the Windows taskbar.
2. Select Open Console.
3. In the console, select Action Menu.
4. In the Action Menu, select Product Details. The product version displays.

What is CVSS?
CVSS, or Common Vulnerability Scoring System, is the result of the National
Infrastructure Advisory Council’s effort to standardize a system of assessing
the criticality of a vulnerability. This system offers an unbiased criticality
score between 0 and 10 that customers can use to judge how critical a
vulnerability is and plan accordingly. For more information, visit the CVSS
website at https://www.first.org/cvss/.

When calculating CVSS scores, McAfee has adopted a philosophy that fosters
consistency and repeatability. Our guiding principle for CVSS scoring is to
score the exploit under consideration by itself. We consider only the immediate
and direct impact of the exploit under consideration. We do not factor into a
score any potential follow-on exploits that might be made possible by the
successful exploitation of the issue being scored.

What are the CVSS scoring metrics?

1. CVE-2021-23894: Unauthorized deserialization of untrusted data in DBSec
+------------------------+--------------------+
|Base Score              |9.6                 |
+------------------------+--------------------+
|Attack Vector (AV)      |Adjacent Network (A)|
+------------------------+--------------------+
|Attack Complexity (AC)  |Low (L)             |
+------------------------+--------------------+
|Privileges Required (PR)|None (N)            |
+------------------------+--------------------+
|User Interaction (UI)   |None (N)            |
+------------------------+--------------------+
|Scope (S)               |Changed (C)         |
+------------------------+--------------------+
|Confidentiality (C)     |High (H)            |
+------------------------+--------------------+
|Integrity (I)           |High (H)            |
+------------------------+--------------------+
|Availability (A)        |High (H)            |
+------------------------+--------------------+
|Temporal Score (Overall)|8.6                 |
+------------------------+--------------------+
|Exploitability (E)      |Proof-of-Concept (P)|
+------------------------+--------------------+
|Remediation Level (RL)  |Official Fix (O)    |
+------------------------+--------------------+
|Report Confidence (RC)  |Confirmed (C)       |
+------------------------+--------------------+

NOTE: The below CVSS version 3.1 vector was used to generate this score.
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C&version=3.1
2. CVE-2021-23895: Authorized deserialization of untrusted data in DBSec
+------------------------+--------------------+
|Base Score              |9.0                 |
+------------------------+--------------------+
|Attack Vector (AV)      |Adjacent Network (A)|
+------------------------+--------------------+
|Attack Complexity (AC)  |Low (L)             |
+------------------------+--------------------+
|Privileges Required (PR)|Low (L)             |
+------------------------+--------------------+
|User Interaction (UI)   |None (N)            |
+------------------------+--------------------+
|Scope (S)               |Changed (C)         |
+------------------------+--------------------+
|Confidentiality (C)     |High (H)            |
+------------------------+--------------------+
|Integrity (I)           |High (H)            |
+------------------------+--------------------+
|Availability (A)        |High (H)            |
+------------------------+--------------------+
|Temporal Score (Overall)|8.1                 |
+------------------------+--------------------+
|Exploitability (E)      |Proof-of-Concept (P)|
+------------------------+--------------------+
|Remediation Level (RL)  |Official Fix (O)    |
+------------------------+--------------------+
|Report Confidence (RC)  |Confirmed (C)       |
+------------------------+--------------------+

NOTE: The below CVSS version 3.1 vector was used to generate this score.
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C&version=3.1
3. CVE-2021-23896: Cleartext Transmission of Sensitive Information in DBSec
+------------------------+--------------------+
|Base Score              |3.2                 |
+------------------------+--------------------+
|Attack Vector (AV)      |Adjacent Network (A)|
+------------------------+--------------------+
|Attack Complexity (AC)  |Low (L)             |
+------------------------+--------------------+
|Privileges Required (PR)|High (H)            |
+------------------------+--------------------+
|User Interaction (UI)   |Required (R)        |
+------------------------+--------------------+
|Scope (S)               |Unchanged (U)       |
+------------------------+--------------------+
|Confidentiality (C)     |Low (L)             |
+------------------------+--------------------+
|Integrity (I)           |Low (L)             |
+------------------------+--------------------+
|Availability (A)        |None (N)            |
+------------------------+--------------------+
|Temporal Score (Overall)|2.9                 |
+------------------------+--------------------+
|Exploitability (E)      |Proof-of-Concept (P)|
+------------------------+--------------------+
|Remediation Level (RL)  |Official Fix (O)    |
+------------------------+--------------------+
|Report Confidence (RC)  |Confirmed (C)       |
+------------------------+--------------------+

NOTE: The below CVSS version 3.1 vector was used to generate this score.
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C&version=3.1
4. CVE-2021-23897: Cross-site Scripting (XSS) vulnerability in DBSec
+------------------------+--------------------+
|Base Score              |5.9                 |
+------------------------+--------------------+
|Attack Vector (AV)      |Adjacent Network (A)|
+------------------------+--------------------+
|Attack Complexity (AC)  |Low (L)             |
+------------------------+--------------------+
|Privileges Required (PR)|High (H)            |
+------------------------+--------------------+
|User Interaction (UI)   |Required (R)        |
+------------------------+--------------------+
|Scope (S)               |Unchanged (U)       |
+------------------------+--------------------+
|Confidentiality (C)     |High (H)            |
+------------------------+--------------------+
|Integrity (I)           |High (H)            |
+------------------------+--------------------+
|Availability (A)        |None (N)            |
+------------------------+--------------------+
|Temporal Score (Overall)|5.3                 |
+------------------------+--------------------+
|Exploitability (E)      |Proof-of-Concept (P)|
+------------------------+--------------------+
|Remediation Level (RL)  |Official Fix (O)    |
+------------------------+--------------------+
|Report Confidence (RC)  |Confirmed (C)       |
+------------------------+--------------------+

NOTE: The below CVSS version 3.1 vector was used to generate this score.
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C&version=3.1
5. CVE-2021-23898: Incorrect access to deleted scripts vulnerability in DBSec
+------------------------+--------------------+
|Base Score              |4.9                 |
+------------------------+--------------------+
|Attack Vector (AV)      |Adjacent Network (A)|
+------------------------+--------------------+
|Attack Complexity (AC)  |Low (L)             |
+------------------------+--------------------+
|Privileges Required (PR)|Low (L)             |
+------------------------+--------------------+
|User Interaction (UI)   |Required (R)        |
+------------------------+--------------------+
|Scope (S)               |Unchanged (U)       |
+------------------------+--------------------+
|Confidentiality (C)     |Low (L)             |
+------------------------+--------------------+
|Integrity (I)           |Low (L)             |
+------------------------+--------------------+
|Availability (A)        |Low (L)             |
+------------------------+--------------------+
|Temporal Score (Overall)|4.4                 |
+------------------------+--------------------+
|Exploitability (E)      |Proof-of-Concept (P)|
+------------------------+--------------------+
|Remediation Level (RL)  |Official Fix (O)    |
+------------------------+--------------------+
|Report Confidence (RC)  |Confirmed (C)       |
+------------------------+--------------------+

NOTE: The below CVSS version 3.1 vector was used to generate this score.
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C&version=3.1

Where can I find a list of all Security Bulletins?
All Security Bulletins are published on our external PSIRT website at
https://www.mcafee.com/us/threat-center/product-security-bulletins.aspx. To see
Security Bulletins for McAfee Enterprise products on this website, click
Enterprise Security Bulletins. Security Bulletins are retired (removed) once a
product is both End of Sale and End of Support (End of Life).

How do I report a product vulnerability to McAfee?
If you have information about a security issue or vulnerability with a McAfee
product, visit the McAfee PSIRT website for instructions at
https://www.mcafee.com/us/threat-center/product-security-bulletins.aspx. To
report an issue, click Report a Security Vulnerability.

How does McAfee respond to this and any other reported security flaws?
Our key priority is the security of our customers. If a vulnerability is found
within any McAfee software or services, we work closely with the relevant
security software development team to ensure the rapid and effective
development of a fix and communication plan.

McAfee only publishes Security Bulletins if they include something actionable
such as a workaround, mitigation, version update, or hotfix. Otherwise, we
would simply be informing the hacker community that our products are a target,
putting our customers at greater risk. For products that are updated
automatically, a non-actionable Security Bulletin might be published to
acknowledge the discoverer.

View our PSIRT policy on the McAfee PSIRT website at
https://www.mcafee.com/us/threat-center/product-security-bulletins.aspx by
clicking About PSIRT.

Resources
To contact Technical Support, log on to the ServicePortal and go to the Create
a Service Request page at
https://support.mcafee.com/ServicePortal/faces/serviceRequests/createSR:

o If you are a registered user, type your User ID and Password, and then
click Log In.
o If you are not a registered user, click Register and complete the required
fields. Your password and logon instructions will be emailed to you.

Disclaimer
The information provided in this Security Bulletin is provided as is without
warranty of any kind. McAfee disclaims all warranties, either express or
implied, including the warranties of merchantability and fitness for a
particular purpose. In no event shall McAfee or its suppliers be liable for any
damages whatsoever including direct, indirect, incidental, consequential, loss
of business profits or special damages, even if McAfee or its suppliers have
been advised of the possibility of such damages. Some states do not allow the
exclusion or limitation of liability for consequential or incidental damages so
the preceding limitation may not apply.

Any future product release dates mentioned in this Security Bulletin are
intended to outline our general product direction, and they should not be
relied on in making a purchasing decision. The product release dates are for
information purposes only, and may not be incorporated into any contract. The
product release dates are not a commitment, promise, or legal obligation to
deliver any material, code, or functionality. The development, release, and
timing of any features or functionality described for our products remains at
our sole discretion and may be changed or canceled at any time.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation’s
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT’s members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation’s
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author’s website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================

The post ESB-2021.1913 – [Win][UNIX/Linux] McAfee Database Security (DBSec): Multiple vulnerabilities appeared first on Malware Devil.

Network Security News Summary for Thursday June 3rd, 2021

Realtek WPA2 Vuln; Huawei LTE Vuln; NortonLifeLock Crypto; OpenPGP RNP Patch

Realtek RTL8170C Vulnerabilities
https://www.vdoo.com/blog/realtek-wifi-vulnerabilities-zero-day

Huawei LTE USB Stick E3372 Vulnerability
https://www.theregister.com/2021/06/02/huawei_lte_usb_stick_vulnerability/

NortonLifeLock Crypto
https://investor.nortonlifelock.com/About/Investors/press-releases/press-release-details/2021/NortonLifeLock-Unveils-Norton-Crypto/default.aspx

OpenPGP RNP Patch
https://www.rnpgp.org/advisories/ri-2021-001/

keywords: openpgp; nortonlifelock; crypt miner; norton; symantec; huawei; realtek

Wednesday, June 2, 2021

ESB-2021.1898 – GitLab Community and Enterprise Editions: Multiple vulnerabilities

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2021.1898
GitLab Security Release: 13.12.2, 13.11.5, and 13.10.5
2 June 2021

===========================================================================

AusCERT Security Bulletin Summary
———————————

Product: GitLab Community Edition
GitLab Enterprise Edition
Publisher: GitLab
Operating System: Windows
UNIX variants (UNIX, Linux, OSX)
Virtualisation
Impact/Access: Cross-site Scripting — Remote with User Interaction
Provide Misleading Information — Remote/Unauthenticated
Denial of Service — Existing Account
Access Confidential Data — Remote/Unauthenticated
Reduced Security — Remote/Unauthenticated
Unauthorised Access — Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-22181

Original Bulletin:
https://about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/

– ————————–BEGIN INCLUDED TEXT——————–

GitLab Security Release: 13.12.2, 13.11.5, and 13.10.5

Learn more about GitLab Security Release: 13.12.2, 13.11.5, and 13.10.5 for
GitLab Community Edition (CE) and Enterprise Edition (EE).

Today we are releasing versions 13.12.2, 13.11.5, and 13.10.5 for GitLab
Community Edition (CE) and Enterprise Edition (EE).

These versions contain important security fixes, and we strongly recommend that
all GitLab installations be upgraded to one of these versions immediately.

GitLab releases patches for vulnerabilities in dedicated security releases.
There are two types of security releases: a monthly, scheduled security
release, released a week after the feature release (which deploys on the 22nd
of each month), and ad-hoc security releases for critical vulnerabilities. For
more information, you can visit our security FAQ. You can see all of our
regular and security release blog posts here. In addition, the issues detailing
each vulnerability are made public on our issue tracker 30 days after the
release in which they were patched.

We are dedicated to ensuring all aspects of GitLab that are exposed to
customers or that host customer data are held to the highest security
standards. As part of maintaining good security hygiene, it is highly
recommended that all customers upgrade to the latest security release for their
supported version. You can read more best practices in securing your GitLab
instance in our blog post.

Additional note

In GitLab 13.10 the CI Lint API started requiring authentication for GitLab
instances where registration is disabled. Starting with this release, the CI
Lint API endpoint will also require authentication when registration is limited
(for example where an email domain allowlist is configured).

Table of Fixes

Title                                                                     Severity
Stealing GitLab OAuth access tokens using XSLeaks in Safari               high
Denial of service through recursive triggered pipelines                   high
Unauthenticated CI lint API may lead to information disclosure and SSRF   medium
Server-side DoS through rendering crafted Markdown documents              medium
Issue and merge request length limit is not being enforced                medium
Insufficient Expired Password Validation                                  medium
XSS in blob viewer of notebooks                                           medium
Logging of Sensitive Information                                          medium
On-call rotation information exposed when removing a member               low
Spoofing commit author for signed commits                                 low

Stealing GitLab OAuth access tokens using XSLeaks in Safari

A cross-site leak vulnerability in the OAuth flow of all versions of GitLab
CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting
the victim to visit a malicious page with Safari. This is a high severity issue
(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, 8.8). We have requested a CVE ID
and will update this blog post when it is assigned.

Thanks hubblebubble for reporting this vulnerability through our HackerOne bug
bounty program.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Denial of service through recursive triggered pipelines

A denial of service vulnerability in GitLab CE/EE affecting all versions since
11.8 allows an attacker to create a recursive pipeline relationship and exhaust
resources. This is a high severity issue
(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H, 7.7). It is now mitigated in the
latest release and is assigned CVE-2021-22181.

This vulnerability has been discovered internally by the GitLab team.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Unauthenticated CI lint API may lead to information disclosure and SSRF

When requests to the internal network for webhooks are enabled, a server-side
request forgery vulnerability in GitLab CE/EE affecting all versions starting
from 10.5 could be exploited by an unauthenticated attacker even on a GitLab
instance where registration is limited. This is a medium severity issue
(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N, 6.8). We have requested a CVE ID
and will update this blog post when it is assigned.

Thanks @myster for reporting this vulnerability through our HackerOne bug
bounty program.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Server-side DoS through rendering crafted Markdown documents

A denial of service vulnerability in all versions of GitLab CE/EE before
13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource
consumption with a specially crafted issue or merge request. This is a medium
severity issue (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, 6.5). We have
requested a CVE ID and will update this blog post when it is assigned.

Thanks phli for reporting this vulnerability through our HackerOne bug bounty
program.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Issue and merge request length limit is not being enforced

A denial of service vulnerability in all versions of GitLab CE/EE before
13.12.2, 13.11.5 or 13.10.5 allows an attacker to cause uncontrolled resource
consumption with a very long issue or merge request description. This is a
medium severity issue (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, 6.5). We
have requested a CVE ID and will update this blog post when it is assigned.

This vulnerability has been discovered internally by the GitLab team.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Insufficient Expired Password Validation

An issue has been discovered in GitLab affecting all versions starting from
12.9.0 before 13.10.5, all versions starting from 13.11.0 before 13.11.5, and
all versions starting from 13.12.0 before 13.12.2. Insufficient expired password
validation in various operations allows a user to maintain limited access after
their password has expired. This is a medium severity issue
(CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N, 6.5). We have requested a CVE ID
and will update this blog post when it is assigned.

This vulnerability has been discovered internally by the GitLab team.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

XSS in blob viewer of notebooks

An issue has been discovered in GitLab affecting all versions starting with
13.10. GitLab was vulnerable to a stored XSS in the blob viewer of notebooks.
This is a medium severity issue
(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N, 6.1). We have requested a CVE ID
and will update this blog post when it is assigned.

Thanks @yvvdwf (https://hackerone.com/yvvdwf) for reporting this vulnerability
through our HackerOne bug bounty program.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Logging of Sensitive Information

GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive
information from log files because the sensitive information was not correctly
registered for log masking. This is a medium severity issue
(CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N, 4.4). We have requested a CVE ID
and will update this blog post when it is assigned.

This vulnerability has been discovered internally by the GitLab team
(https://gitlab.com/dcouture).

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

On-call rotation information exposed when removing a member

An information disclosure vulnerability in GitLab EE versions 13.11 and later
allowed a project owner to leak information about the members’ on-call
rotations in other projects. This is a low severity issue
(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N, 2.7). We have requested a CVE ID
and will update this blog post when it is assigned.

This vulnerability has been discovered internally by the GitLab team.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Spoofing commit author for signed commits

All versions of GitLab CE/EE starting with 12.8 were affected by an issue in
the handling of x509 certificates that could be used to spoof the author of
signed commits. This is a low severity issue
(CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N, 2.6). We have requested a CVE ID
and will update this blog post when it is assigned.

Thanks subbotin for reporting this vulnerability through our HackerOne bug
bounty program.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Enable qsh verification for Atlassian Connect

qsh verification has been enabled for Atlassian Connect to address a breaking
change in the Atlassian Connect API.

If you are using Jira Connect with a self-managed instance you need to update
to these latest security releases before June 7th. If you are on GitLab.com,
you do not need to do anything. For more details see this GitLab issue.

Versions affected

Affects all versions of GitLab.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Update bindata dependency

The dependency on bindata has been upgraded to 2.4.10 in order to mitigate
security concerns.

Versions affected

Affects versions 12.0 and later.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Update grafana dependency

The dependency on Grafana has been upgraded to 7.5.4 in order to mitigate
security concerns.

Versions affected

Affects versions 13.11, 13.10 and 13.9.

Remediation

We strongly recommend that all installations running an affected version above
are upgraded to the latest version as soon as possible.

Updating

To update GitLab, see the Update page. To update GitLab Runner, see the
Updating the Runner page.

– ————————–END INCLUDED TEXT——————–
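The remediation guidance in the bulletin reduces to a version check: each of the three patched releases is the upgrade target for its branch, and the expired-password entry gives the only explicit per-branch affected ranges. The helper below is an added example, not GitLab's or AusCERT's code; it transcribes those releases and ranges from the text above, and the sample version strings it runs on are constructed.

```python
# Patched releases named in this bulletin, keyed by (major, minor) branch.
FIXED = {
    (13, 12): (13, 12, 2),
    (13, 11): (13, 11, 5),
    (13, 10): (13, 10, 5),
}

# Affected ranges for "Insufficient Expired Password Validation", as stated
# in the bulletin: [12.9.0, 13.10.5), [13.11.0, 13.11.5), [13.12.0, 13.12.2).
EXPIRED_PASSWORD_RANGES = [
    ((12, 9, 0), (13, 10, 5)),
    ((13, 11, 0), (13, 11, 5)),
    ((13, 12, 0), (13, 12, 2)),
]


def parse_version(text):
    """Turn '13.11.3' or '13.11.3-ee' into a comparable (major, minor, patch) tuple."""
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(p) for p in parts)


def upgrade_target(version):
    """Patched release to move to, or None if this version already carries the fixes.

    Branches older than 13.10 get no patched release of their own in this
    bulletin, so the oldest patched release, 13.10.5, is the conservative target.
    Branches newer than 13.12 are outside what this bulletin covers.
    """
    branch = version[:2]
    if branch in FIXED:
        return None if version >= FIXED[branch] else FIXED[branch]
    if version > max(FIXED.values()):
        return None
    return min(FIXED.values())


def assess(text):
    """Summarise what this bulletin says about one installed version string."""
    v = parse_version(text)
    target = upgrade_target(v)
    return {
        "version": ".".join(map(str, v)),
        "needs_upgrade": target is not None,
        "upgrade_to": None if target is None else ".".join(map(str, target)),
        "expired_password_issue": any(lo <= v < hi for lo, hi in EXPIRED_PASSWORD_RANGES),
    }


if __name__ == "__main__":
    for sample in ("13.12.1", "13.11.5", "13.9.7-ee", "12.8.0"):  # constructed inputs
        print(assess(sample))
```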


Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...