MiracleLinux 8 : booth-1.1-1.el8_10.1 (AXSA:2024-8489:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8489:04 advisory. booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server CVE-2024-3049 Tenable has extracted the preceding description block...

MiracleLinux 8 : booth-1.0-199.1.ac1d34c.git.el8.1 (AXSA:2022-3841:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3841:01 advisory. booth: authfile directive in booth config file is completely ignored. CVE-2022-2553 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : booth-1.1-1.el9_4.1 (AXSA:2024-8153:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8153:02 advisory. booth: specially crafted hash can lead to invalid HMAC being accepted by Booth server CVE-2024-3049 Tenable has extracted the preceding description block...

MiracleLinux 9 : booth-1.0-251.3.bfb2f92.git.el9.1 (AXSA:2023-5095:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5095:03 advisory. booth: authfile directive in booth config file is completely ignored. CVE-2022-2553 Tenable has extracted the preceding description block directly from the...

CVE-2022-2553 affecting package booth for versions less than 1.0-8

CVE-2022-2553 affecting package booth for versions less than 1.0-8. A patched version of the package is available...

CVE-2024-3049 affecting package booth for versions less than 1.2-1

CVE-2024-3049 affecting package booth for versions less than 1.2-1. An upgraded version of the package is available that resolves this issue...

A week in security (December 15 – December 21)

Last week on Malwarebytes Labs: CISA warns ASUS Live Update backdoor is still exploitable, seven years on The ghosts of WhatsApp: How GhostPairing hijacks accounts Chrome extension slurps up AI chats after users installed it for privacy Two Chrome flaws could be triggered by simply browsing the...

TencentOS Server 3: booth (TSSA-2022:0232)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0232 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

EUVD-2008-4745

Malware in sbrugna...

EUVD-2024-31656

Malicious code in bioql PyPI...

Malicious code in test-mlw2-booth-banks (npm)

The package test-mlw2-booth-banks was found to contain malicious code...

MAL-2025-34988 Malicious code in test-mlw2-booth-banks (npm)

The package test-mlw2-booth-banks was found to contain malicious code...

TencentOS Server 3: booth (TSSA-2024:0390)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0390 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Impressions from PHDays Fest

Impressions from PHDays Fest. The scale was just insane. You walk and walk - and there's action everywhere, and all of it is PHDays, every bit of it. It totally blew my mind, I saw just a tiny fraction of everything that was going on. In the public area, I was impressed by the university pavilion...

booth bug fix and enhancement update

An update is available for booth. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10...

booth bug fix and enhancement update

An update is available for booth. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.5...

Linux Distros Unpatched Vulnerability : CVE-2024-3049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcrymdgetalgodlen, it may allow an invalid HMAC to be accepted by...

Debian: Security Advisory (DSA-5777-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5777-1] booth security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5777-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 27, 2024 https://www.debian.org/security/faq -...

Debian dsa-5777 : booth - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5777 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5777-1 [email protected] https://www.debian.org/security/ Moritz...