A week in security (March 20 - 26)

Last week on Malwarebytes Labs: How to avoid potentially unwanted programs "ViLE" members posed as police officers and extorted victims Google reveals 18 chip vulnerabilities threatening mobile, wearables, vehicles A look at a Magecart skimmer using the Hunter obfuscator The NBA tells fans about...

FreeBSD : libXpm -- Issues handling XPM files (38f213b6-8f3d-4067-91ef-bf14de7ba518)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 38f213b6-8f3d-4067-91ef-bf14de7ba518 advisory. - A flaw was found in libXpm. When processing a file with width of 0 and a very large height,...

Design/Logic Flaw

Creative Cloud version 5.9.1 and earlier is affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources...

How to avoid potentially unwanted programs

If youve ever downloaded software onto your computer, chances are youve unknowingly cluttered your machine with PUPs. Heres what you need to know about these sneaky programs. What are PUPs? If you're thinking baskets of doe-eyed baby dogs, then you're sadly mistaken. PUPs is the acronym for...

openssl: invalid pointer dereference in d2i_PKCS7 functions

A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2iPKCS7, d2iPKCS7bio or d2iPKCS7fp functions. This may result in an application crash which could lead to a denial of service. The TLS implementati...

EulerOS 2.0 SP9 : libXpm (EulerOS-SA-2023-1475)

According to the versions of the libXpm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and c...

Amazon Linux AMI : libXpm (ALAS-2023-1693)

The version of libXpm installed on the remote host is prior to 3.5.10-2.10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1693 advisory. A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will b...

Ukraine Suffered More Wiper Malware in 2022 Than Anywhere, Ever

As Russia has accelerated its cyberattacks on its neighbor, it's barraged the country with an unprecedented volume of different data-destroying programs...

Probable_Subdomains - Subdomains Analysis And Generation Tool. Reveal The Hidden!

Online tool: https://weakpass.com/generate/domains TL;DR During bug bounties, penetrations tests, red teams exercises, and other great activities, there is always a room when you need to launch amass, subfinder, sublister, or any other tool to find subdomains you can use to break through - like...

[SECURITY] Fedora 36 Update: ImageMagick-6.9.12.77-1.fc36

ImageMagick is an image display and manipulation tool for the X Window System. ImageMagick can read and write JPEG, TIFF, PNM, GIF, and Photo CD image formats. It can resize, rotate, sharpen, color reduce, or add special effects to an image, and when finished you can either save the completed wor...

Important: libXpm

Issue Overview: A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. CVE-2022-44617 A flaw was found ...

K15156: OpenSSH vulnerability CVE-2009-2904

Security Advisory Description A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux RHEL 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files withi...

K94041354: OpenSSL vulnerability CVE-2019-1552

Security Advisory Description OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configurati...

Web-Hacking-Playground - Web Application With Vulnerabilities Found In Real Cases, Both In Pentests And In Bug Bounty Programs

Web Hacking Playground is a controlled web hacking environment. It consists of vulnerabilities found in real cases, both in pentests and in Bug Bounty programs. The objective is that users can practice with them, and learn to detect and exploit them. Other topics of interest will also be addresse...

SUSE CVE-2004-1070

The loadelfbinary function in the binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernelread function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary...

SUSE CVE-2004-1453

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LDDEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program...

SUSE CVE-2005-0076

Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library...

SUSE CVE-2008-3107

Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.218 allows context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as...

SUSE CVE-2008-3109

Unspecified vulnerability in scripting language support in Sun Java Runtime Environment JRE in JDK and JRE 6 Update 6 and earlier allows context-dependent attackers to gain privileges via an untrusted 1 application or 2 applet, as demonstrated by an application or applet that grants itself...

SUSE CVE-2009-2904

A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux RHEL 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, relate...