Malware Devil

Monday, August 31, 2020

Uber CISO Charged, Facebook Data Portability, Malicious iOS SDK

In episode 136 for August 31st 2020: Uber’s former security chief is charged over covering up a 2016 data breach, Facebook pushes for data portability legislation, and how a malicious iOS SDK breached the privacy of millions of mobile users. ** Links mentioned on the show ** Former Uber Security Chief Charged Over Covering Up […]

The post Uber CISO Charged, Facebook Data Portability, Malicious iOS SDK appeared first on The Shared Security Show.

The post Uber CISO Charged, Facebook Data Portability, Malicious iOS SDK appeared first on Security Boulevard.


The post Uber CISO Charged, Facebook Data Portability, Malicious iOS SDK first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/uber-ciso-charged-facebook-data-portability-malicious-ios-sdk/?utm_source=rss&utm_medium=rss&utm_campaign=uber-ciso-charged-facebook-data-portability-malicious-ios-sdk

What Is the EU Cybersecurity Act and What Does It Mean for US-Based Businesses?

During the previous weeks, we provided a thorough overview of the EU NIS Directive, focusing on the Operators of Essential Systems (OES), the Digital Service Providers (DSP) and the compliance frameworks. Our review of the EU cybersecurity policy and strategy would be incomplete without mentioning the EU Cybersecurity Act. On 27 June, the European Cybersecurity […]

The post What Is the EU Cybersecurity Act and What Does It Mean for US-Based Businesses? appeared first on The State of Security.

The post What Is the EU Cybersecurity Act and What Does It Mean for US-Based Businesses? appeared first on Security Boulevard.


The post What Is the EU Cybersecurity Act and What Does It Mean for US-Based Businesses? first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/what-is-the-eu-cybersecurity-act-and-what-does-it-mean-for-us-based-businesses/?utm_source=rss&utm_medium=rss&utm_campaign=what-is-the-eu-cybersecurity-act-and-what-does-it-mean-for-us-based-businesses

Ransomware During COVID-19

After 2019 was remembered as the year that ransomware targeted state and local governments, what can be said about ransomware in 2020 – especially during the global coronavirus pandemic? To start, ransomware made global news headlines this week when a major ransomware attack was thwarted against Tesla. The Associated Press reported that: “Tesla CEO Elon..

The post Ransomware During COVID-19 appeared first on Security Boulevard.


The post Ransomware During COVID-19 first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/ransomware-during-covid-19/?utm_source=rss&utm_medium=rss&utm_campaign=ransomware-during-covid-19

ISC Stormcast For Monday, August 31st 2020 https://isc.sans.edu/podcastdetail.html?id=7146, (Mon, Aug 31st)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

The post ISC Stormcast For Monday, August 31st 2020 https://isc.sans.edu/podcastdetail.html?id=7146, (Mon, Aug 31st) first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/isc-stormcast-for-monday-august-31st-2020-https-isc-sans-edu-podcastdetail-htmlid7146-mon-aug-31st/?utm_source=rss&utm_medium=rss&utm_campaign=isc-stormcast-for-monday-august-31st-2020-https-isc-sans-edu-podcastdetail-htmlid7146-mon-aug-31st

ESB-2020.2293.2 – UPDATE [Appliance] OpenClinic GA: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2020.2293.2
                 Advisory (icsma-20-184-01) OpenClinic GA
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           OpenClinic GA
Publisher:         ICSMA
Operating System:  Network Appliance
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Cross-site Scripting            -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Unauthorised Access             -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14494 CVE-2020-14493 CVE-2020-14492
                   CVE-2020-14491 CVE-2020-14490 CVE-2020-14489
                   CVE-2020-14488 CVE-2020-14487 CVE-2020-14486
                   CVE-2020-14485 CVE-2020-14484 CVE-2016-1182
                   CVE-2016-1181 CVE-2014-0114 

Reference:         ESB-2020.2293
                   ESB-2020.1427
                   ESB-2019.3804

Original Bulletin: 
   https://www.us-cert.gov/ics/advisories/icsma-20-184-01

Revision History:  August 31 2020: 3 additional CVEs added to advisory
                   July    3 2020: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

ICS Medical Advisory (ICSMA-20-184-01)

OpenClinic GA (Update A)

Original release date: August 27, 2020

Legal Notice

All information products included in https://us-cert.gov/ics are provided "as
is" for informational purposes only. The Department of Homeland Security (DHS)
does not provide any warranties of any kind regarding any information contained
within. DHS does not endorse any commercial product or service, referenced in
this product or otherwise. Further dissemination of this product is governed by
the Traffic Light Protocol (TLP) marking in the header. For more information
about TLP, see https://www.us-cert.gov/tlp/.



1. EXECUTIVE SUMMARY

  o CVSS v3 9.8
  o ATTENTION: Exploitable remotely/low skill level to exploit/public exploits
    are available
  o Vendor: OpenClinic GA is a product of open-source collaboration on Source
    Forge
  o Equipment: OpenClinic GA
  o Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel,
    Improper Restriction of Excessive Authentication Attempts, Improper
    Authentication, Missing Authorization, Execution with Unnecessary
    Privileges, Unrestricted Upload of File with Dangerous Type, Path
    Traversal, Improper Authorization, Cross-site Scripting, Use of
    Unmaintained Third-Party Components, Insufficiently Protected Credentials,
    Hidden Functionality

2. UPDATE INFORMATION

This updated advisory is a follow-up to the original advisory titled
ICSMA-20-184-01 OpenClinic GA that was published July 2, 2020, on the ICS
webpage on us-cert.gov.

3. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to
bypass authentication, discover restricted information, view/manipulate
restricted database information, and/or execute malicious code.

4. TECHNICAL DETAILS

4.1 AFFECTED PRODUCTS

The following versions of OpenClinic GA, an open-source integrated hospital
information management system, are affected:

  o OpenClinic GA Version 5.09.02
  o OpenClinic GA Version 5.89.05b

4.2 VULNERABILITY OVERVIEW

4.2.1 AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL CWE-288

An attacker may bypass client-side access controls or use a crafted request to
initiate a session with limited functionality, which may allow execution of
admin functions such as SQL queries.

CVE-2020-14485 has been assigned to this vulnerability. A CVSS v3 base score of
9.4 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L).

4.2.2 IMPROPER RESTRICTION OF EXCESSIVE AUTHENTICATION ATTEMPTS CWE-307

An attacker can bypass the system's account lockout protection, which may allow
brute force password attacks.

CVE-2020-14484 has been assigned to this vulnerability. A CVSS v3 base score of
7.3 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).

4.2.3 IMPROPER AUTHENTICATION CWE-287

An authentication mechanism within the system does not contain sufficient
complexity to protect against brute force attacks, which may allow unauthorized
users to access the system after no more than a fixed maximum number of
attempts.

CVE-2020-14494 has been assigned to this vulnerability. A CVSS v3 base score of
7.3 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).

4.2.4 MISSING AUTHORIZATION CWE-862

The system does not properly check permissions before executing SQL queries,
which may allow a low-privilege user to access privileged information.

CVE-2020-14491 has been assigned to this vulnerability. A CVSS v3 base score of
8.3 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L).

4.2.5 EXECUTION WITH UNNECESSARY PRIVILEGES CWE-250

A low-privilege user may use SQL syntax to write arbitrary files to the server,
which may allow the execution of arbitrary commands.

CVE-2020-14493 has been assigned to this vulnerability. A CVSS v3 base score of
8.8 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

4.2.6 UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434

The system does not properly verify uploaded files, which may allow a
low-privilege user to upload and execute arbitrary files on the system.

CVE-2020-14488 has been assigned to this vulnerability. A CVSS v3 base score of
8.8 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

4.2.7 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH
TRAVERSAL') CWE-22

The system includes arbitrary local files specified within its parameter and
executes some files, which may allow disclosure of sensitive files or the
execution of malicious uploaded files.

CVE-2020-14490 has been assigned to this vulnerability. A CVSS v3 base score of
8.8 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

4.2.8 IMPROPER AUTHORIZATION CWE-285

An attacker may bypass permission/authorization checks by ignoring the redirect
of a permission failure, which may allow unauthorized execution of commands.

CVE-2020-14486 has been assigned to this vulnerability. A CVSS v3 base score of
6.3 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

4.2.9 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE
SCRIPTING') CWE-79

The system does not properly neutralize user-controllable input, which may
allow the execution of malicious code within the user's browser.

CVE-2020-14492 has been assigned to this vulnerability. A CVSS v3 base score of
5.4 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N).

4.2.10 USE OF UNMAINTAINED THIRD-PARTY COMPONENTS CWE-1104

The system contains third-party software versions that are end-of-life and
contain known vulnerabilities, which may allow remote code execution.

- --------- Begin Update A Part 1 of 1 ---------

CVE-2014-0114, CVE-2016-1181, and CVE-2016-1182 are related to this
vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector
string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

- --------- End Update A Part 1 of 1 ---------

4.2.11 INSUFFICIENTLY PROTECTED CREDENTIALS CWE-522

The system stores passwords using inadequate hashing complexity, which may
allow an attacker to recover passwords using known password cracking
techniques.

CVE-2020-14489 has been assigned to this vulnerability. A CVSS v3 base score of
6.2 has been calculated; the CVSS vector string is
(AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

4.2.12 HIDDEN FUNCTIONALITY CWE-912

The system contains a hidden default user account that may be accessed if an
administrator has not expressly turned off this account, which may allow an
attacker to login and execute arbitrary commands.
Does not affect Version 5.89.05b.

CVE-2020-14487 has been assigned to this vulnerability. A CVSS v3 base score of
9.4 has been calculated; the CVSS vector string is
(AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L).

3.3 BACKGROUND

  o CRITICAL INFRASTRUCTURE SECTORS: Healthcare and Public Health
  o COUNTRIES/AREAS DEPLOYED: Worldwide
  o COMPANY HEADQUARTERS LOCATION: Open-source

3.4 RESEARCHER

Brian D. Hysell reported these vulnerabilities to CISA.

4. MITIGATIONS

OpenClinic GA is aware of these vulnerabilities but has not provided any
confirmation of their resolution. Please upgrade to the latest version to
ensure you have all current fixes.

CISA recommends users take defensive measures to minimize the risk of
exploitation of this vulnerability. Specifically, users should:

  o Ensure that the least-privilege user principle is followed.
  o Minimize network exposure for all control system devices and/or systems,
    and ensure that they are not accessible from the Internet.
  o Locate control system networks and remote devices behind firewalls, and
    isolate them from the business network.
  o When remote access is required, use secure methods, such as Virtual Private
    Networks (VPNs), recognizing that VPNs may have vulnerabilities and should
    be updated to the most current version available. Also recognize that a VPN
    is only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk
assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices
on the ICS webpage on us-cert.gov. Several recommended practices are available
for reading and download, including Improving Industrial Control Systems
Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available
on the ICS webpage on us-cert.gov in the Technical Information Paper,
ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation
Strategies.

Organizations observing any suspected malicious activity should follow their
established internal procedures and report their findings to CISA for tracking
and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves
from social engineering attacks:

  o Do not click web links or open unsolicited attachments in email messages.
  o Refer to Recognizing and Avoiding Email Scams for more information on
    avoiding email scams.
  o Refer to Avoiding Social Engineering and Phishing Attacks for more
    information on social engineering attacks.

For any questions related to this report, please contact the CISA at:

Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870

CISA continuously strives to improve its products and services. You can help by
choosing one of the links below to provide feedback about this product.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----


The post ESB-2020.2293.2 - UPDATE [Appliance] OpenClinic GA: Multiple vulnerabilities first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2293-2-update-appliance-openclinic-ga-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2293-2-update-appliance-openclinic-ga-multiple-vulnerabilities

ESB-2020.2984 – [Debian] mupdf: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2984
                           mupdf security update
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           mupdf
Publisher:         Debian
Operating System:  Debian GNU/Linux 10
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Denial of Service               -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-13290  

Reference:         ESB-2020.2547

Original Bulletin: 
   http://www.debian.org/security/2020/dsa-4753

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-4753-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 29, 2020                       https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : mupdf
CVE ID         : CVE-2019-13290
Debian Bug     : 931475

A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight
PDF viewer, which may result in denial of service or the execution of
arbitrary code if a malformed PDF file is opened.

For the stable distribution (buster), this problem has been fixed in
version 1.14.0+ds1-4+deb10u1.

We recommend that you upgrade your mupdf packages.

For the detailed security status of mupdf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/mupdf

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----

- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

-----END PGP SIGNATURE-----


The post ESB-2020.2984 - [Debian] mupdf: Multiple vulnerabilities first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2984-debian-mupdf-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2984-debian-mupdf-multiple-vulnerabilities

ESB-2020.2983 – [Debian] xorg-server: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2983
                        xorg-server security update
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           xorg-server
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Increased Privileges            -- Existing Account
                   Denial of Service               -- Existing Account
                   Access Confidential Data        -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14362 CVE-2020-14361 CVE-2020-14347
                   CVE-2020-14346 CVE-2020-14345 

Reference:         ESB-2020.2958
                   ESB-2020.2914
                   ESB-2020.2905

Original Bulletin: 
   https://www.debian.org/lts/security/2020/dla-2359

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2359-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
August 30, 2020                               https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : xorg-server
Version        : 2:1.19.2-1+deb9u6
CVE ID         : CVE-2020-14345 CVE-2020-14346 CVE-2020-14347
                  CVE-2020-14361 CVE-2020-14362


Several issues have been found in xorg-server, the X server from xorg.
Basically all issues are out-of-bounds access or integer underflows in
different request handlers. One CVE is about a leak of uninitialized heap
memory to clients.


For Debian 9 stretch, these problems have been fixed in version
2:1.19.2-1+deb9u6.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----


The post ESB-2020.2983 - [Debian] xorg-server: Multiple vulnerabilities first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2983-debian-xorg-server-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2983-debian-xorg-server-multiple-vulnerabilities

ESB-2020.2982 – [Debian] openexr: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2982
                          openexr security update
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           openexr
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Reduced Security                -- Existing Account            
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15306 CVE-2020-15305 CVE-2020-11765
                   CVE-2020-11764 CVE-2020-11763 CVE-2020-11762
                   CVE-2020-11761 CVE-2020-11760 CVE-2020-11759
                   CVE-2020-11758 CVE-2017-12596 CVE-2017-9116
                   CVE-2017-9115 CVE-2017-9114 CVE-2017-9113
                   CVE-2017-9112 CVE-2017-9111 CVE-2017-9110

Reference:         ESB-2020.2487
                   ESB-2020.2457
                   ESB-2020.2397
                   ESB-2020.1816

Original Bulletin: 
   https://www.debian.org/lts/security/2020/dla-2358

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2358-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                                     
August 30, 2020                               https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : openexr
Version        : 2.2.0-11+deb9u1
CVE ID         : CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 
                 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 
                 CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 
                 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765 
                 CVE-2020-15305 CVE-2020-15306

Multiple security issues were found in the OpenEXR image library, which 
could result in denial of service and potentially the execution of 
arbitrary code when processing malformed EXR image files.

For Debian 9 stretch, these problems have been fixed in version
2.2.0-11+deb9u1.

We recommend that you upgrade your openexr packages.

For the detailed security status of openexr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openexr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----


The post ESB-2020.2982 - [Debian] openexr: Multiple vulnerabilities first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2982-debian-openexr-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2982-debian-openexr-multiple-vulnerabilities

ESB-2020.2980 – [Debian] thunderbird: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2980
                        thunderbird security update
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           thunderbird
Publisher:         Debian
Operating System:  Debian GNU/Linux 10
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Provide Misleading Information  -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-15669 CVE-2020-15664 

Reference:         ESB-2020.2956
                   ESB-2020.2955
                   ESB-2020.2949
                   ESB-2020.2948

Original Bulletin: 
   http://www.debian.org/security/2020/dsa-4754

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-4754-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 29, 2020                       https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2020-15664 CVE-2020-15669

Multiple security issues have been found in Thunderbird which could
result in the execution of arbitrary code or the unintended installation
of extensions.

For the stable distribution (buster), these problems have been fixed in
version 1:68.12.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----

- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----


The post ESB-2020.2980 - [Debian] thunderbird: Multiple vulnerabilities first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2980-debian-thunderbird-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2980-debian-thunderbird-multiple-vulnerabilities

ESB-2020.2981 – [Linux][Debian] ros-actionlib: Execute arbitrary code/commands – Existing account

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2981
                       ros-actionlib security update
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           ros-actionlib
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
                   Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-10289  

Original Bulletin: 
   https://www.debian.org/lts/security/2020/dla-2357

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running ros-actionlib check for an updated version of the software 
         for their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2357-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                                     
August 30, 2020                               https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : ros-actionlib
Version        : 1.11.7-1+deb9u1
CVE ID         : CVE-2020-10289
Debian Bug     : 

Use of unsafe yaml load was fixed in ros-actionlib,
the Robot OS actionlib library.

For Debian 9 stretch, this problem has been fixed in version
1.11.7-1+deb9u1.

We recommend that you upgrade your ros-actionlib packages.

For the detailed security status of ros-actionlib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ros-actionlib

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----


The post ESB-2020.2981 - [Linux][Debian] ros-actionlib: Execute arbitrary code/commands - Existing account first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2981-linuxdebian-ros-actionlib-execute-arbitrary-code-commands-existing-account/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2981-linuxdebian-ros-actionlib-execute-arbitrary-code-commands-existing-account

ESB-2020.2979 – [Debian] freerdp: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2979
                          freerdp security update
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           freerdp
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
                   Reduced Security                -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-13398 CVE-2020-13397 CVE-2020-13396
                   CVE-2020-11526 CVE-2020-11525 CVE-2020-11523
                   CVE-2020-11522 CVE-2020-11521 CVE-2020-11058
                   CVE-2020-11048 CVE-2020-11046 CVE-2020-11045
                   CVE-2020-11042 CVE-2020-1339 CVE-2020-1152
                   CVE-2014-0791  

Reference:         ASB-2020.0140
                   ESB-2020.2847
                   ESB-2020.2611
                   ESB-2020.2527
                   ESB-2020.1986

Original Bulletin: 
   https://www.debian.org/lts/security/2020/dla-2356

- --------------------------BEGIN INCLUDED TEXT--------------------

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2356-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                         Mike Gabriel
August 30, 2020                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : freerdp
Version        : 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u4
CVE ID         : CVE-2014-0791 CVE-2020-11042 CVE-2020-11045 CVE-2020-11046
                 CVE-2020-11048 CVE-2020-11058 CVE-2020-11521 CVE-2020-11522
                 CVE-2020-11523 CVE-2020-11525 CVE-2020-11526 CVE-2020-13396
                 CVE-2020-13397 CVE-2020-13398

Several vulnerabilities have been reported against FreeRDP, an Open Source
server and client implementation of the Microsoft RDP protocol.

CVE-2014-0791

    An integer overflow in the license_read_scope_list function in
    libfreerdp/core/license.c in FreeRDP allowed remote RDP
    servers to cause a denial of service (application crash) or possibly
    have unspecified other impact via a large ScopeCount value in a Scope
    List in a Server License Request packet.

CVE-2020-11042

    In FreeRDP there was an out-of-bounds read in update_read_icon_info.
    It allowed reading an attacker-defined amount of client memory (32bit
    unsigned -> 4GB) to an intermediate buffer. This could have been used
    to crash the client or store information for later retrieval.

CVE-2020-11045

    In FreeRDP there was an out-of-bound read in
    update_read_bitmap_data that allowed client memory to be read to an
    image buffer. The result displayed on screen as colour.

CVE-2020-11046

    In FreeRDP there was a stream out-of-bounds seek in
    update_read_synchronize that could have led to a later out-of-bounds
    read.

CVE-2020-11048

    In FreeRDP there was an out-of-bounds read. It only allowed to abort
    a session. No data extraction was possible.

CVE-2020-11058

    In FreeRDP, a stream out-of-bounds seek in
    rdp_read_font_capability_set could have led to a later out-of-bounds
    read. As a result, a manipulated client or server might have forced a
    disconnect due to an invalid data read.

CVE-2020-11521

    libfreerdp/codec/planar.c in FreeRDP had an Out-of-bounds Write.

CVE-2020-11522

    libfreerdp/gdi/gdi.c in FreeRDP had an Out-of-bounds Read.

CVE-2020-11523

    libfreerdp/gdi/region.c in FreeRDP had an Integer Overflow.

CVE-2020-11525

    libfreerdp/cache/bitmap.c in FreeRDP had an Out of bounds read.

CVE-2020-11526

    libfreerdp/core/update.c in FreeRDP had an Out-of-bounds Read.

CVE-2020-13396

    An out-of-bounds (OOB) read vulnerability has been detected in
    ntlm_read_ChallengeMessage in
    winpr/libwinpr/sspi/NTLM/ntlm_message.c.

CVE-2020-13397

    An out-of-bounds (OOB) read vulnerability has been detected in
    security_fips_decrypt in libfreerdp/core/security.c due to an
    uninitialized value.

CVE-2020-13398

    An out-of-bounds (OOB) write vulnerability has been detected in
    crypto_rsa_common in libfreerdp/crypto/crypto.c.

For Debian 9 stretch, these problems have been fixed in version
1.1.0~git20140921.1.440916e+dfsg1-13+deb9u4.

We recommend that you upgrade your freerdp packages.

For the detailed security status of freerdp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/freerdp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- --

mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: sunweaver@debian.org, http://sunweavers.net


- -----BEGIN PGP SIGNATURE-----

- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----


The post ESB-2020.2979 - [Debian] freerdp: Multiple vulnerabilities first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2979-debian-freerdp-multiple-vulnerabilities/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2979-debian-freerdp-multiple-vulnerabilities

ESB-2020.2977 – [Debian] bind9: Denial of service – Remote/unauthenticated

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.2977
                           bind9 security update
                              31 August 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           bind9
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-8623 CVE-2020-8622 

Reference:         ESB-2020.2954
                   ESB-2020.2951
                   ESB-2020.2881
                   ESB-2020.2872

Original Bulletin: 
   https://www.debian.org/lts/security/2020/dla-2355

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2355-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
August 29, 2020                               https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : bind9
Version        : 1:9.10.3.dfsg.P4-12.3+deb9u7
CVE ID         : CVE-2020-8622 CVE-2020-8623


Two issues have been found in bind9, an Internet Domain Name Server.

CVE-2020-8622

      Crafted responses to TSIG-signed requests could lead to an assertion
      failure, causing the server to exit. This could be done by malicious
      server operators or guessing attackers.

CVE-2020-8623

      An assertion failure, causing the server to exit, can be exploited
      by a query for an RSA signed zone.


For Debian 9 stretch, these problems have been fixed in version
1:9.10.3.dfsg.P4-12.3+deb9u7.

We recommend that you upgrade your bind9 packages.

For the detailed security status of bind9 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/bind9

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----


The post ESB-2020.2977 - [Debian] bind9: Denial of service - Remote/unauthenticated first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/31/esb-2020-2977-debian-bind9-denial-of-service-remote-unauthenticated/?utm_source=rss&utm_medium=rss&utm_campaign=esb-2020-2977-debian-bind9-denial-of-service-remote-unauthenticated

Sunday, August 30, 2020

Certulitis – one tool that keeps on giving

Certutil is a really naughty tool. It accepts lots of various command line arguments that I believe are not widely known – and this post (and maybe some follow-up posts) is hoping to change that.

One of the first things I caught when I started analysing its command line arguments was the mysterious, case-insensitive command line argument comparison with the ‘uSAGE’ string. It turns out that certutil offers two different sets of usage information depending on a command line option. If you just use ‘?’ then it’s the ‘official’ version. If it’s ‘uSAGE’ then it’s the unofficial one. Of course, once I found out I ran into Google and Twitter to find out if it is IN THE KNOWN.

Yes, it was. @0gtweet did it my favourite way – the hard way :-), @dunarth did it the right way, and @chris_ayres did it the earliest way (AFAICT).

Okay, with this out of the way, we look at the actual command line arguments.

Wait. What about the command line switches? Similarly to PowerShell, certutil accepts command line arguments using a number of different characters:

  • / (Unicode 0x002F)
  • - (Unicode 0x002D)
  • – (Unicode 0x2013)
  • − (Unicode 0x2212)
  • û (Unicode 0x00FB)

I still can’t figure out why the last Unicode character on that list is being accepted. The Unicode character 0x00FB is ‘û’. If you know, please let me know and I will update the post.

Another discovery is brought to us by two unusual environment variables:

  • certsrv_rawhex – shows stuff in raw hex (e.g. certs)
  • CertSrv_Chain – enables debugging information being available for cert chain
  • CERTSRV_LOGMAX – maximum length of the certutil.log file
  • CERTSRV_DEBUG – enables certutil debug mode
  • CERTSRV_LOGFILE – name of the log file

The ‘certutil.log’ file is a log file that is created if the DbgIsSSActive function, imported from ‘certcli.dll’ (which forwards it to ‘certca.dll’), returns true. I am kidding, it’s a convoluted way to say that certain conditions need to be met for the ‘certutil.log’ to be created. They can be either set via Registry (HKLM\Software\Microsoft\Cryptography\AutoEnrollment\Debug=XXX OR HKLM\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\Debug=XXX), or via environment variables listed below.

In fact, setting

set CERTSRV_LOGFILE=c:\test\foo.log
set CERTSRV_DEBUG=0xFFFFFFFF

will enable full logging to your main console and to the file c:\test\foo.log.

Pick up your favorite certutil command and give it a go. You will like the output as it helps to troubleshoot your manual testing 🙂

Finally, while certutil is primarily a command line application, it does create a window called ‘CertUtil Application’ of class ‘CertUtil’, and apart from it, provides a UI for some of its commands (e.g. -URL).
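
For detection engineering, the consequence of the five switch-prefix characters listed above is that a rule keyed on a literal ‘-’ misses the other spellings of the same switch. The following is an added example, not part of the original post: it normalises the prefix and case before matching against a watchlist, and its function names, the watchlist and the sample command lines are constructed for illustration.

```python
import re

# Code points the post lists as accepted switch prefixes for certutil:
# '/', '-', en dash, minus sign, 'û'.
SWITCH_PREFIXES = "\u002f\u002d\u2013\u2212\u00fb"

_TOKEN = re.compile(r'"([^"]*)"|(\S+)')


def tokenize(cmdline):
    """Split a logged command line on whitespace, keeping "quoted strings" whole."""
    return [q if q is not None else bare
            for q, bare in (m.groups() for m in _TOKEN.finditer(cmdline))]


def is_certutil(token):
    """True if the token names certutil, with or without a path or .exe suffix."""
    image = token.replace("/", "\\").rsplit("\\", 1)[-1].lower()
    return image in ("certutil", "certutil.exe")


def normalize_switch(token):
    """Map any accepted prefix to '-' and lowercase the name; None if not a switch."""
    if len(token) > 1 and token[0] in SWITCH_PREFIXES:
        return "-" + token[1:].lower()
    return None


def watched_switches(cmdline, watchlist):
    """Return the canonical form of every watched switch passed to certutil.

    watchlist holds lowercase switch names without a prefix; which names go in
    it is the deployment's choice (the demo uses the post's -URL).
    """
    tokens = tokenize(cmdline)
    start = next((i for i, t in enumerate(tokens) if is_certutil(t)), None)
    if start is None:
        return []
    hits = []
    for tok in tokens[start + 1:]:
        canon = normalize_switch(tok)
        if canon is not None and canon[1:] in watchlist:
            hits.append(canon)
    return hits


def naive_match(cmdline):
    """A rule that only knows the '-' spelling, for comparison."""
    return re.search(r"certutil(\.exe)?\s+-url\b", cmdline, re.IGNORECASE) is not None


# Constructed sample process-creation command lines (not real telemetry).
SAMPLES = [
    'certutil -URL http://example.test/a.cer',
    'certutil.exe /url http://example.test/a.cer',
    '"C:\\Windows\\System32\\certutil.exe" \u2013Url http://example.test/a.cer',
    'certutil \u2212URL http://example.test/a.cer',
    'CERTUTIL \u00fburl http://example.test/a.cer',
    'certutil -uSAGE',
    'notepad.exe -url.txt',
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(naive_match(line), watched_switches(line, {"url"}), ascii(line))
```

Treating a leading ‘û’ or ‘/’ as a switch prefix means an ordinary argument that starts with one of those characters is normalised too; for alerting, that false positive is the cheaper error.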


The post Certulitis – one tool that keeps on giving first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/30/certulitis-one-tool-that-keeps-on-giving/?utm_source=rss&utm_medium=rss&utm_campaign=certulitis-one-tool-that-keeps-on-giving

Network Security News Summary for Monday August 31 2020

A brief daily summary of what is important in cybersecurity. The podcast is published every weekday and designed to get you ready for the day with a brief, usually about 5 minutes long, summary of current network security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

The post Network Security News Summary for Monday August 31 2020 first appeared on Malware Devil.



https://www.malwaredevil.com/2020/08/30/network-security-news-summary-for-monday-august-31-2020/?utm_source=rss&utm_medium=rss&utm_campaign=network-security-news-summary-for-monday-august-31-2020

Barbary Pirates and Russian Cybercrime

In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...