Engineer's Toolset Security Vulnerabilities

(RHSA-2024:1468) Important: go-toolset-1.19-golang security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads...

(RHSA-2024:1462) Important: golang security update

The golang packages provide the Go programming language compiler. Security Fix(es): golang: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads...

RHEL 7 : go-toolset-1.19-golang (RHSA-2024:1468)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1468 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang:...

Oracle Linux 9 : golang (ELSA-2024-1462)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1462 advisory. A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using...

RHEL 9 : golang (RHSA-2024:1462)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1462 advisory. The golang packages provide the Go programming language compiler. Security Fix(es): * golang: golang-fips/openssl: Memory leaks in code encrypting...

RHEL 8 : go-toolset:rhel8 (RHSA-2024:1472)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1472 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang-fips/openssl:...

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fix(es): golang: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads...

golang security update

[1.20.12-2] - Fix CVE-2024-1394 - Resolves:...

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) For more details about the security issue(s), including the impact, a CVSS...

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) For more details about the security issue(s), including the impact, a CVSS...

Amazon Linux 2 : rust (ALAS-2024-2496)

The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2496 advisory. libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API,...

Amazon Linux 2 : rust (ALAS-2024-2504)

The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2504 advisory. RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: ...

Important: rust

Issue Overview: RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 Affected Packages: rust Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ...

Important: rust

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to git_revparse_single can cause the function to enter an infinite loop, potentially.....

CVE-2024-2314

A flaw was found in the BCC toolset. This issue occurs when extracting kernel headers, it tries to load them from a temporary directory. This issue could allow an attacker to force bcc to load compromised Linux headers by placing malicious headers in the temporary directory, leading to potential...

Securing the Next Level: Automated Cloud Defense in Game Development with InsightCloudSec

Imagine the following scenario: You're about to enjoy a strategic duel on chess.com or dive into an intense battle in Fortnite, but as you log in, you find your hard-earned achievements, ranks, and reputation have vanished into thin air. This is not just a hypothetical scenario but a real...

Oracle Linux 9 : golang (ELSA-2024-1131)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1131 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...

AlmaLinux 9 : golang (ALSA-2024:1131)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1131 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network...

Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries

The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. "TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries," Cisco Talos researcher...

golang security update

[1.20.12-1] - Rebase to 1.20.12 - Fix CVE-2023-45285...

(RHSA-2024:1131) Moderate: golang security update

The golang packages provide the Go programming language compiler. Security Fix(es): golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) golang: cmd/go: Protocol Fallback when fetching modules (CVE-2023-45285) For more details about...

GhostSec’s joint ransomware operation and evolution of their arsenal

Cisco Talos observed a surge in GhostSec, a hacking group's malicious activities since this past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware. The GhostSec and Stormous ransomware groups are jointly conducting double extortion...

RHEL 9 : golang (RHSA-2024:1131)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1131 advisory. The golang packages provide the Go programming language compiler. Security Fix(es): * golang: net/http/internal: Denial of Service (DoS)...

Moderate: golang security update

The golang packages provide the Go programming language compiler. Security Fix(es): golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) golang: cmd/go: Protocol Fallback when fetching modules (CVE-2023-45285) For more details about the...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from go-git , Golang, GnuTLS, Libxml2, protobuf-c, JSON-java, Libmaxminddb, SQLite3 packages and cryptographic algorithms

Summary go-git , Golang, GnuTLS, Libxml2, protobuf-c, JSON-java, Libmaxminddb, SQLite3 are consumed through RedHat UBI, go-toolset and OSE packages. These packages are shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details ** CVEID: CVE-2023-47745 ...

(RHSA-2024:1041) Moderate: go-toolset-1.19-golang security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) golang: cmd/go: Protocol Fallback when fetching modules...

RHEL 7 : go-toolset-1.19-golang (RHSA-2024:1041)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1041 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang:...

CentOS 9 : gcc-toolset-13-binutils-2.40-8.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the gcc-toolset-13-binutils-2.40-8.el9 build changelog. GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, ...

CentOS 9 : rust-1.71.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the rust-1.71.1-1.el9 build changelog. Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2024-0887)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0887 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...

go-toolset:ol8 security update

delve [1.20.2-1.0.1] - Disable DWARF compression which has issues (Alex Burmashev) [1.20.2-1] - Rebase to 1.20.2 - Resolves: rhbz#2186495 golang [1.20.12-1] - Update to Go 1.20.12 - Fix CVE-2023-39326 CVE-2023-45285 go-toolset [1.20.12-1] - Update to Go 1.20.12 - CVE-2023-39326 golang:...

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:0887)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0887 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network...

(RHSA-2024:0887) Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) golang: cmd/go: Protocol Fallback when fetching modules...

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) golang: cmd/go: Protocol Fallback when fetching modules...

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326) golang: cmd/go: Protocol Fallback when fetching modules...

RHEL 8 : go-toolset:rhel8 (RHSA-2024:0887)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0887 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang:...

Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks

A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition data, and intercepting SMS....

Wix Toolset Installed (Windows)

The Wix Toolset is installed on the remote Windows...

Wix Toolset < 3.14 / 4.x < 4.0.4 Privilege Escalation

The version of Wix Toolset installed on the remote host is prior to 3.14.0 or 4.x prior to 4.0.4. It is, therefore, affected by a privilege escalation vulnerability. The .be TEMP folder is vulnerable to DLL redirection attacks that allow an unauthenticated, local attacker to escalate privileges....

CVE-2024-24810

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. This impacts any installer built with the WiX installer framework. This issue has been.....

CVE-2024-24810

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. This impacts any installer built with the WiX installer framework. This issue has been.....

CVE-2024-24810

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. This impacts any installer built with the WiX installer framework. This issue has been.....

Code injection

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. This impacts any installer built with the WiX installer framework. This issue has been.....

CVE-2024-24810 WiX is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges

WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. The .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges. This impacts any installer built with the WiX installer framework. This issue has been.....

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. "UNC4990....

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from go-yaml, OpenSSL, GnuTLS , OpenTelemetry-Go, go-toolset and urllib3

Summary OpenSSL, go-yaml, GnuTLS , OpenTelemetry-Go and urllib3 are consumed through RedHat UBI, go-toolset and OSE packages. These packages are shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details ** CVEID: CVE-2022-28948 DESCRIPTION: **Go-Yaml is...

Amazon Linux 2 : rust (ALAS-2024-2426)

The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2426 advisory. Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not...

Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending...

Medium: rust

Issue Overview: Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by cargo build --timings. A malicious package included as a dependency may inject.....

Unified security operations with Microsoft Sentinel and Microsoft Defender XDR

Numerous cybersecurity tools exist to help organizations protect their data, people, and systems. There are different tools that check emails for phishing attempts, secure infrastructure and cloud, and provide generative AI to detect threats and uplevel response beyond human ability. While each of....