SIMATIC ET200ecoPN, DI 16x24VDC, M12-L Security Vulnerabilities

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : FreeRDP vulnerabilities (USN-6752-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6752-1 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to...

Slackware Linux 15.0 / current libarchive Vulnerability (SSA:2024-116-01)

The version of libarchive installed on the remote host is prior to 3.7.3. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-116-01 advisory. libarchive Remote Code Execution Vulnerability (CVE-2024-26256) Note that Nessus has not tested for this issue but has instead...

Debian dsa-5674 : pdns-recursor - security update

The remote Debian 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5674 advisory. A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : FreeRDP vulnerabilities (USN-6749-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6749-1 advisory. FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow...

Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)

Summary Vulnerability in RPM could allow a remote authenticated attacker to execute arbitrary code (CVE-2023-7104). RPM is used by AIX for package management. Vulnerability Details ** CVEID: CVE-2023-7104 DESCRIPTION: **SQLite SQLite3 is vulnerable to a heap-based buffer overflow, caused by...

CVE-2024-26923 af_unix: Fix garbage collector racing against connect()

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

CVE-2024-26923 af_unix: Fix garbage collector racing against connect()

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM_RIGHTS, two...

pyLoad allows upload to arbitrary folder lead to RCE

Summary An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Details example version: 0.5 file:src/pyload/webui/app/blueprints/app_blueprint.py python @bp.route("/render/<path:filename>", endpoint="render") de...

pyLoad allows upload to arbitrary folder lead to RCE

Summary An authenticated user can change the download folder and upload a crafted template to the specified folder lead to remote code execution Details example version: 0.5 file:src/pyload/webui/app/blueprints/app_blueprint.py python @bp.route("/render/<path:filename>", endpoint="render") de...

AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)

IBM SECURITY ADVISORY First Issued: Wed Apr 24 15:34:58 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/rpm_advisory2.asc Security Bulletin: AIX is vulnerable to arbitrary code execution due to RPM (CVE-2023-7104)...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Sanitize vulnerabilities (USN-6748-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6748-1 advisory. Sanitize is an allowlist-based HTML and CSS sanitizer. Versions 5.0.0 and later, prior to 6.0.1, are vulnerable to Cross-site...

Ubuntu 20.04 LTS : Squid vulnerability (USN-6728-3)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6728-3 advisory. Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug....

Ubuntu 22.04 LTS / 23.10 : Google Guest Agent and Google OS Config Agent vulnerability (USN-6746-1)

The remote Ubuntu 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6746-1 advisory. The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when...

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6747-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6747-1 advisory. There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory...

Slackware Linux 15.0 / current ruby Multiple Vulnerabilities (SSA:2024-114-01)

The version of ruby installed on the remote host is prior to 3.0.7 / 3.3.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-114-01 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version.....

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6742-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6742-2 advisory. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain...

Slackware: Security Advisory (SSA:2024-114-01)

The remote host is missing an update for...

[slackware-security] ruby

New ruby packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/ruby-3.0.7-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: Arbitrary memory address read vulnerability with Regex...

Debian dsa-5673 : glibc-doc - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5673 advisory. The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the...

Debian dla-3792 : ctdb - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3792 advisory. A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and...

Debian dla-3793 : openjdk-11-dbg - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3793 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported...

Slackware: Security Advisory (SSA:2024-113-01)

The remote host is missing an update for...

Ubuntu 16.04 LTS / 18.04 LTS : Percona XtraBackup vulnerability (USN-6745-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6745-1 advisory. In Percona XtraBackup (PXB) through 2.2.24 and 3.x through 8.0.27-19, a crafted filename on the local file system could trigger unexpected command...

Debian dsa-5669 : guix - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5669 advisory. Nix is a package manager for Linux and other Unix systems. A fixed-output derivations on Linux can send file descriptors to files in the Nix store to another...

Debian dsa-5672 : openjdk-17-dbg - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5672 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported...

Ubuntu 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-6743-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6743-2 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uaf in jfs_evict_inode When the execution of diMount(ipimap) fails, the...

Debian dsa-5671 : openjdk-11-dbg - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5671 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported...

Slackware Linux 15.0 / current freerdp Vulnerability (SSA:2024-113-01)

The version of freerdp installed on the remote host is prior to 2.11.7. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-113-01 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Ubuntu 20.04 LTS : Pillow vulnerability (USN-6744-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6744-2 advisory. In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. (CVE-2024-28219) Note that Nessus has not...

Debian dsa-5670 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5670 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

Debian dla-3791 : thunderbird - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3791 advisory. The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : Pillow vulnerability (USN-6744-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6744-1 advisory. In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of ...

Ubuntu 16.04 LTS / 18.04 LTS : LXD vulnerability (USN-6738-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6738-1 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

CVE-2024-32656

Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media...

[slackware-security] freerdp

New freerdp packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/freerdp-2.11.7-i586-1_slack15.0.txz: Upgraded. This release eliminates a bunch of issues detected during oss-fuzz runs. (...

Take Command Summit: Take Breaches from Inevitable to Preventable on May 21

Registration is now open for Take Command, a day-long virtual summit in partnership with AWS. You do not want to miss it. You’ll get new attack intelligence, insight into AI disruption, transparent MDR partnerships, and more. In 2024, adversaries are using AI and new techniques, working in gangs...

Slackware: Security Advisory (SSA:2024-110-01)

The remote host is missing an update for...

Exploit for OS Command Injection in Ray Project Ray

Python POC Derived...

Mitsubishi MELSEC-Q/L Series Incorrect Pointer Scaling (CVE-2024-0802)

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from a target product or execute malicious code on a target product by sending a specially crafted...

Mitsubishi MELSEC-Q/L Series Integer Overflow or Wraparound (CVE-2024-1917)

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot....

Mitsubishi MELSEC-Q/L Series Integer Overflow or Wraparound (CVE-2024-0803)

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot....

Mitsubishi MELSEC-Q/L Series Incorrect Pointer Scaling (CVE-2024-1915)

Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot. Please...

Mitsubishi MELSEC-Q/L Series Integer Overflow or Wraparound (CVE-2024-1916)

Integer Overflow or Wraparound vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a target product by sending a specially crafted packet. This plugin only works with Tenable.ot....

Debian dsa-5667 : libtomcat9-embed-java - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5667 advisory. Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through...

Debian dsa-5668 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5668 advisory. Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page....

[slackware-security] freerdp

New freerdp packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/freerdp-2.11.6-i586-1_slack15.0.txz: Upgraded. This release is a security release and addresses multiple issues: [Low] OutOfBound...

Debian dsa-5666 : flatpak - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5666 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a...

Slackware: Security Advisory (SSA:2024-109-01)

The remote host is missing an update for...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6739-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6739-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6741-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6741-1 advisory. Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow...