Engineer's Toolset Security Vulnerabilities

rocky

llvm-toolset:rhel8 bug fix and enhancement update

An update is available for module.libomp, module.llvm, clang, libomp, llvm, module.clang, module.compiler-rt, compiler-rt, python-lit, module.lld, module.lldb, module.python-lit, lldb, lld. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

7.4 AI Score

2024-01-12 07:57 PM
5
thn

Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa

The Iranian nation-state actor known as MuddyWater has leveraged a newly discovered command-and-control (C2) framework called MuddyC2Go in its attacks on the telecommunications sector in Egypt, Sudan, and Tanzania. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under...

7.4 AI Score

2023-12-19 11:41 AM
17
cve

CVE-2023-50728

octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request...

7.5 CVSS

7.3 AI Score

0.001 EPSS

2023-12-15 10:15 PM
15
osv

CVE-2023-50728

octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request...

7.5 CVSS

7.4 AI Score

0.001 EPSS

2023-12-15 10:15 PM
3
nvd

CVE-2023-50728

octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request...

7.5 CVSS

0.001 EPSS

2023-12-15 10:15 PM
prion

Cross site request forgery (csrf)

octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request...

7.5 CVSS

6.9 AI Score

0.001 EPSS

2023-12-15 10:15 PM
2
cvelist

CVE-2023-50728 Unauthenticated Denial of Service in the octokit/webhooks library

octokit/webhooks is a GitHub webhook events toolset for Node.js. Starting in 9.26.0 and prior to 9.26.3, 10.9.2, 11.1.2, and 12.0.4, there is a problem caused by an issue with error handling in the @octokit/webhooks library because the error can be undefined in some cases. The resulting request...

5.4 CVSS

7.6 AI Score

0.001 EPSS

2023-12-15 09:59 PM
rapid7blog

Metasploit Weekly Wrap-Up: Dec. 15, 2023

Continuing the 12th Labor of Metasploit: Metasploit continues its Herculean task of increasing our toolset to tame Kerberos by adding support for AS_REP Roasting, which allows retrieving the password hashes of users who have "Do not require Kerberos preauthentication" set on the domain controller....

8.8 CVSS

9.3 AI Score

0.363 EPSS

2023-12-15 09:04 PM
10
ibm

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from shadow-utils, procps-ng, containerd, urllib3, nghttp2 and Golang

Summary: Multiple issues were identified in Red Hat UBI packages, go-toolset and OSE are fixed and shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details: CVEID: CVE-2023-25153. DESCRIPTION: containerd is vulnerable to a denial of service, caused by a...

8.1 CVSS

9.1 AI Score

0.732 EPSS

2023-12-15 07:45 AM
17
ics

Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

Summary: The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) assess Russian...

9.8 CVSS

10 AI Score

0.97 EPSS

2023-12-13 12:00 PM
37
thn

New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace

A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what's suspected to be a cyber espionage mission. The BlackBerry Threat Research and Intelligence team is tracking the activity cluster as AeroBlade. Its origin is...

7.3 AI Score

2023-12-05 07:55 AM
44
thn

Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.

Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. "This malware family is written using the .NET framework and leverages the domain name service (DNS) protocol to create a covert channel and...

7.4 AI Score

2023-12-02 08:29 AM
16
rocky

gcc-toolset-11-binutils bug fix and enhancement update

An update is available for gcc-toolset-11-binutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The binutils packages provide a collection of binary...

7.4 AI Score

2023-11-28 10:43 PM
1
rocky

gcc-toolset-13-annobin bug fix and enhancement update

An update is available for gcc-toolset-13-annobin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the.....

6.8 AI Score

2023-11-28 10:43 PM
3
virtuozzo

Virtuozzo Hybrid Infrastructure 6.0 (6.0.0-243)

In this release, Virtuozzo Hybrid Infrastructure provides an upgrade of the Linux distribution, kernel, and toolset packages. This release also contains a range of new features that cover storage performance, object storage, as well as monitoring and alerts. Additionally, this release delivers...

7.3 AI Score

2023-11-27 12:00 AM
10
cnvd

Adobe Audition Uninitialized Pointer Access Vulnerability (CNVD-2023-88660)

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. A security vulnerability exists in Adobe Audition version.....

5.5 CVSS

5.9 AI Score

0.0004 EPSS

2023-11-20 12:00 AM
4
cnvd

Adobe Audition Out-of-Bounds Write Vulnerability (CNVD-2023-88381)

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. An out-of-bounds write vulnerability exists in Adobe...

7.8 CVSS

7.9 AI Score

0.063 EPSS

2023-11-20 12:00 AM
2
cnvd

Adobe Audition Out-of-Bounds Read Vulnerability (CNVD-2023-88658)

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly provides a comprehensive toolset, including multi-track, waveform and spectral display, for mixing, editing and creating audio content. An out-of-bounds read vulnerability exists in...

7.8 CVSS

7.6 AI Score

0.001 EPSS

2023-11-20 12:00 AM
4
cnvd

Adobe Audition Out-of-Bounds Read Vulnerability (CNVD-2023-88380)

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. An out-of-bounds read vulnerability exists in Adobe...

7.8 CVSS

7.5 AI Score

0.001 EPSS

2023-11-20 12:00 AM
cnvd

Adobe Audition Uninitialized Pointer Access Vulnerability (CNVD-2023-88657)

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. A security vulnerability exists in Adobe Audition version.....

3.3 CVSS

5.9 AI Score

0.001 EPSS

2023-11-20 12:00 AM
1
cnvd

Adobe Audition Heap Buffer Overflow Vulnerability

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. A heap buffer overflow vulnerability exists in Adobe...

7.8 CVSS

7.9 AI Score

0.001 EPSS

2023-11-20 12:00 AM
2
cnvd

Adobe Audition Out-of-Bounds Read Vulnerability (CNVD-2023-88661)

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly uses a comprehensive toolset that includes multi-track, waveform and spectral display to mix, edit and create audio content. An out-of-bounds read vulnerability exists in Adobe...

5.5 CVSS

5.8 AI Score

0.0004 EPSS

2023-11-20 12:00 AM
5
cnvd

Adobe Audition Out-of-Bounds Read Vulnerability (CNVD-2023-88659)

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly provides a comprehensive toolset, including multi-track, waveform and spectral display, for mixing, editing and creating audio content. An out-of-bounds read vulnerability exists in...

7.8 CVSS

7.6 AI Score

0.001 EPSS

2023-11-20 12:00 AM
2
cnvd

Adobe Audition Uninitialized Pointer Access Vulnerability

Adobe Audition is a set of multi-track editing tools from the American company Adobe. The product mainly provides a comprehensive toolset, including multi-track, waveform and spectral display, for mixing, editing and creating audio content. A security vulnerability exists in Adobe Audition....

7.8 CVSS

7.8 AI Score

0.003 EPSS

2023-11-20 12:00 AM
4
oraclelinux

container-tools:ol8 security and bug fix update

aardvark-dns [2:1.7.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.7.0 - Related: #2176055 [2:1.6.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.6.0 - Related: #2176055 buildah [1:1.31.3-1] - update to...

9.8 CVSS

8.8 AI Score

0.024 EPSS

2023-11-18 12:00 AM
44
ibm

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from libcurl, glibc-minimal-langpack, glibc-common, ncurses-libs and Kubernetes

Summary: Multiple issues were identified in Red Hat UBI packages, Kubernetes and go-toolset are fixed and shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details: CVEID: CVE-2023-4813. DESCRIPTION: glibc is vulnerable to a denial of service, caused by a.....

9.8 CVSS

9.6 AI Score

0.014 EPSS

2023-11-16 04:21 PM
24
wallarmlab

Apigee API Security policies howto

The Genesis of Apigee API Security Guidelines: In today's digital epoch, APIs (Application Programming Interfaces) have ascended to be the fundamental infrastructure underpinning software development - furnishing the medium for diverse software systems to interact and exchange data. Yet, with this.....

7.7 AI Score

2023-11-10 06:43 PM
18
malwarebytes

Introducing ThreatDown: A new chapter for Malwarebytes

Since I started Malwarebytes 15 years ago the threat landscape has changed. Our offerings have evolved. And now the next chapter of our journey begins today. How did we get here? My first cyber “combatant” was an early form of adware running amok on my family’s computer. Removing it was a team...

7.2 AI Score

2023-11-07 01:00 PM
20
nessus

Rocky Linux 8 : gcc-toolset-11-gcc (RLSA-2021:4586)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4586 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

6.8 AI Score

0.003 EPSS

2023-11-07 12:00 AM
7
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:1746)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1746 advisory. In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb...

7.5 CVSS

8.9 AI Score

0.017 EPSS

2023-11-07 12:00 AM
5
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5775)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5775 advisory. Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling...

7.5 CVSS

8.1 AI Score

0.002 EPSS

2023-11-07 12:00 AM
6
nessus

Rocky Linux 8 : gcc-toolset-10-binutils (RLSA-2021:4649)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4649 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

6.8 AI Score

0.003 EPSS

2023-11-07 12:00 AM
3
nessus

Rocky Linux 8 : rust-toolset:rhel8 (RLSA-2022:1894)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1894 advisory. Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response...

7.3 CVSS

7.3 AI Score

0.001 EPSS

2023-11-07 12:00 AM
2
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5337)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5337 advisory. encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. (CVE-2022-24675) ...

7.5 CVSS

8.5 AI Score

0.004 EPSS

2023-11-07 12:00 AM
15
nessus

Rocky Linux 9 : go-toolset and golang (RLSA-2023:0328)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0328 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts...

7.5 CVSS

8.1 AI Score

0.002 EPSS

2023-11-07 12:00 AM
5
nessus

Rocky Linux 8 : llvm-toolset:rhel8 (RLSA-2021:4743)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4743 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

7 AI Score

0.003 EPSS

2023-11-07 12:00 AM
26
nessus

Rocky Linux 8 : rust-toolset:rhel8 (RLSA-2021:1935)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1935 advisory. In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string...

9.8 CVSS

7.4 AI Score

0.003 EPSS

2023-11-07 12:00 AM
2
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:3585)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:3585 advisory. Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to...

7.5 CVSS

6.7 AI Score

0.002 EPSS

2023-11-07 12:00 AM
4
nessus

Rocky Linux 8 : gcc-toolset-10-gcc (RLSA-2021:4585)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4585 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

6.8 AI Score

0.003 EPSS

2023-11-07 12:00 AM
4
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:1819)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1819 advisory. Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm...

9.8 CVSS

9.3 AI Score

0.005 EPSS

2023-11-06 12:00 AM
10
nessus

Rocky Linux 8 : gcc-toolset-11-binutils (RLSA-2021:4594)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4594 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

6.8 AI Score

0.003 EPSS

2023-11-06 12:00 AM
8
nessus

Rocky Linux 8 : rust-toolset:rhel8 (RLSA-2021:4270)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4270 advisory. library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in...

9.1 CVSS

6.8 AI Score

0.005 EPSS

2023-11-06 12:00 AM
7
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2023:0446)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0446 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts...

7.5 CVSS

8.1 AI Score

0.002 EPSS

2023-11-06 12:00 AM
10
nessus

Rocky Linux 8 : rust-toolset:rhel8 (RLSA-2021:4590)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4590 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

6.8 AI Score

0.003 EPSS

2023-11-06 12:00 AM
4
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:4156)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4156 advisory. Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may...

7.5 CVSS

7.4 AI Score

0.007 EPSS

2023-11-06 12:00 AM
6
nessus

Rocky Linux 8 : gcc-toolset-10-annobin (RLSA-2021:4592)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4592 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

6.8 AI Score

0.003 EPSS

2023-11-06 12:00 AM
5
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:3076)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3076 advisory. encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the...

7.5 CVSS

7 AI Score

0.009 EPSS

2023-11-06 12:00 AM
5
nessus

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2021:5160)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5160 advisory. net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2...

7.5 CVSS

7.2 AI Score

0.003 EPSS

2023-11-06 12:00 AM
4
nessus

Rocky Linux 8 : gcc-toolset-11-annobin (RLSA-2021:4591)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4591 advisory. ** DISPUTED ** An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of...

8.3 CVSS

6.8 AI Score

0.003 EPSS

2023-11-06 12:00 AM
3
thn

PentestPad: Platform for Pentest Teams

In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of objectivity, ensuring efficiency and exceptional accuracy. The synergy between a skilled penetration...

6.9 AI Score

2023-10-31 11:21 AM
31

Total number of security vulnerabilities: 1647