2151 matches found

The Hacker News
added 2023/02/01 1:56 p.m., 2 views

Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry

A new attack campaign has been targeting the gaming and gambling sectors since at least September 2022, just as the ICE London 2023 gaming industry trade fair event is scheduled to kick off next week. Israeli cybersecurity company Security Joes is tracking the activity cluster under the name Ice...

AI score: 7; Exploits: 0

Veracode
added 2023/02/01 3:07 a.m., 30 views

IP Spoofing

parse-server is vulnerable to IP Spoofing Attack Via HTTP Request Header. The vulnerability exists due to the incorrect implementation of the client IP address in the parse server option masterKeyIps of the library, which sets the allowed IP address to the x-forwarded-for header value, allowi...

CVSS: 8.7; AI score: 7.7; EPSS: 0.00256
Exploits: 0; References: 5; Affected Software: 1

Symfony
added 2023/02/01 12:00 a.m., 68 views

CVE-2022-24894: Prevent storing cookie headers in HttpCache

Affected versions Symfony versions >=2.0.0, <4.4.50, >=5.0.0, <5.4.20, >=6.0.0, <6.0.20, >=6.1.0, <6.1.12, and >=6.2.0, <6.2.6 of the Symfony Security Bundle are affected by this security issue. The issue has been fixed in Symfony 4.4.50, 5.4.20, 6.0.20, 6.1.12, and 6.2.6. All other versions are not...

CVSS: 8.8; AI score: 6.7; EPSS: 0.00182
Exploits: 1

0day.today
added 2023/01/30 12:00 a.m., 234 views

Micro Focus GroupWise Session ID Disclosure Vulnerability

Micro Focus GroupWise is a messaging software for email and personal information management. Trovent Security GmbH discovered that the GroupWise web application transmits the session ID in HTTP GET requests in the URL when email content is accessed. The exposed session ID can be recorded in the...

CVSS: 4.3; AI score: 4.7; EPSS: 0.00184
Exploits: 2

Tenable Nessus
added 2023/01/27 12:00 a.m., 34 views

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2023:0446)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0446 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward unparseabl...

CVSS: 7.5; AI score: 7.1; EPSS: 0.00031
Exploits: 1; References: 4

RedHat Linux
added 2023/01/25 9:20 a.m., 2 views

golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters

A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...

CVSS: 7.5; AI score: 6.6; EPSS: 0.00031
Exploits: 1; References: 6

RedHat Linux
added 2023/01/25 8:34 a.m., 1 view

golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters

A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...

CVSS: 7.5; AI score: 6.6; EPSS: 0.00031
Exploits: 1; References: 6

RedHat Linux
added 2023/01/24 12:51 p.m., 5 views

golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working

A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality...

CVSS: 6.5; AI score: 6.6; EPSS: 0.00056
Exploits: 1; References: 6

Amazon
added 2023/01/24 12:00 a.m., 176 views

Critical: cacti

Issue Overview: A flaw was found in how Cacti grants authorization based on IP address which allows authentication bypass, and possibly arbitrary command execution if a poller_item configured with a POLLER_ACTION_SCRIPT_PHP action is present. This updated cacti package adds a feature allowing an...

CVSS: 9.8; AI score: 10; EPSS: 0.94469
Exploits: 48

RedHat Linux
added 2023/01/23 3:26 p.m., 2 views

golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters

A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...

CVSS: 7.5; AI score: 6.6; EPSS: 0.00031
Exploits: 1; References: 6

Tenable Nessus
added 2023/01/23 12:00 a.m., 38 views

RHEL 8 : python-django (RHSA-2020:1324)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1324 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as muc...

CVSS: 9.8; AI score: 7.1; EPSS: 0.29723
Exploits: 0; References: 13

RedHat Linux
added 2023/01/17 7:29 p.m., 3 views

golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters

A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...

CVSS: 7.5; AI score: 6.6; EPSS: 0.00031
Exploits: 1; References: 6

RedHat Linux
added 2023/01/17 7:29 p.m., 3 views

golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working

A flaw was found in net/http/httputil golang package. When httputil.ReverseProxy.ServeHTTP is called with a Request.Header map containing a nil value for the X-Forwarded-For header, ReverseProxy could set the client IP incorrectly. This issue may affect confidentiality...

CVSS: 6.5; AI score: 6.6; EPSS: 0.00056
Exploits: 1; References: 6

OpenVAS
added 2023/01/09 12:00 a.m., 22 views

Debian: Security Advisory (DSA-5311-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5; AI score: 6.4; EPSS: 0.06543
Exploits: 0; References: 4

Tenable Nessus
added 2023/01/05 12:00 a.m., 49 views

Apache Tomcat 10.0.0-M1 < 10.0.27 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0. It is, therefore, affected by a request smuggling vulnerability. If Tomcat was configured to ignore invalid HTTP headers via setting rejectIllegalHeader t...

CVSS: 7.5; AI score: 7.9; EPSS: 0.0029
Exploits: 0; References: 2

Tenable Nessus
added 2023/01/05 12:00 a.m., 63 views

Apache Tomcat 8.5.x < 8.5.83 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0. It is, therefore, affected by a request smuggling vulnerability. If Tomcat was configured to ignore invalid HTTP headers via setting rejectIllegalHeader t...

CVSS: 7.5; AI score: 7.9; EPSS: 0.0029
Exploits: 0; References: 2

Tenable Nessus
added 2023/01/05 12:00 a.m., 97 views

Apache Tomcat 9.0.0-M1 < 9.0.68 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0. It is, therefore, affected by a request smuggling vulnerability. If Tomcat was configured to ignore invalid HTTP headers via setting rejectIllegalHeader t...

CVSS: 7.5; AI score: 7.9; EPSS: 0.0029
Exploits: 0; References: 2

Tenable Nessus
added 2023/01/05 12:00 a.m., 8 views

Apache Tomcat 10.1.0-M1 < 10.1.1 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0. It is, therefore, affected by a request smuggling vulnerability. If Tomcat was configured to ignore invalid HTTP headers via setting rejectIllegalHeader t...

CVSS: 7.5; AI score: 7.9; EPSS: 0.0029
Exploits: 0; References: 2

OSV
added 2022/12/30 12:58 a.m., 20 views

GHSA-XV6X-456V-24XH gotify/server vulnerable to Cross-site Scripting in the application image file upload

Impact The XSS vulnerability allows authenticated users to upload .html files. With that, an attacker could execute client side scripts if another user opened a link, such as: https://push.example.org/image/alphanumeric string.html An attacker could potentially take over the account of the user...

CVSS: 4.6; AI score: 5.6; EPSS: 0.00397
Exploits: 0; References: 5

Prion
added 2022/12/29 7:15 p.m., 90 views

Spoofing

Gotify server is a simple server for sending and receiving messages in real-time per WebSocket. Versions prior to 2.2.2 contain an XSS vulnerability that allows authenticated users to upload .html files. An attacker could execute client side scripts if another user opened a link. The attacker cou...

CVSS: 4.9; AI score: 5.3; EPSS: 0.00397
Exploits: 0; References: 3; Affected Software: 1