The Acronis Cyber Protect appliance, in its default configuration, allows the anonymous registration of new protect/backup agents on new endpoints. This API endpoint also generates bearer tokens which the agent then uses to authenticate to the appliance. As the management web console is running on the same port as the API for the agents, this bearer token is also valid for any actions on the web console. This allows an attacker with network access to the appliance to start the registration of a new agent, retrieve a bearer token that provides admin access to the available functions in the web console. The web console contains multiple possibilities to execute arbitrary commands on both the agents (e.g., via PreCommands for a backup) and also the appliance (e.g., via a Validation job on the agent of the appliance). These options can easily be set with the provided bearer token, which leads to a complete compromise of all agents and the appliance itself.
0a04d87e79786492c7f8310b30dbd4d9633aeb386453fa387c188884aba1276fThis Metasploit module exploits a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices to achieve unauthenticated RCE with root privileges. The vulnerable FortiManager versions are 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, and 6.2.0 through 6.2.12. The vulnerable FortiManager Cloud versions are 7.4.1 through 7.4.4, 7.2.1 through 7.2.7, 7.0.1 through 7.0.12, and 6.4 (all versions).
b2e54e731409406acb805cc0ea0c9c798ab91d51bdf54a68cbbb6a2b772f054fOn Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with write=originate may change all configuration files in the /etc/asterisk/ directory. Writing a new extension can be created which performs a system command to achieve RCE as the asterisk service user (typically asterisk). Default parking lot in FreePBX is called "Default lot" on the website interface, however its actually parkedcalls. Tested against Asterisk 19.8.0 and 18.16.0 on Freepbx SNG7-PBX16-64bit-2302-1.
aaa85ef431233c3a1132d94aecb8ae125513ea2870cf4cccc7e2d15d096664fbDebian Linux Security Advisory 5823-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Clement Lecigne and Benoit Sevens discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems. Clement Lecigne and Benoit Sevens discovered that processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
a31f3217217260f9cc6b3797261d177b0a5c64059d03adfc60708cebd6989363Debian Linux Security Advisory 5815-2 - The update for needrestart announced as DSA 5815-1 introduced a regression reporting false positives for processes running in chroot or mountns. Updated packages are now available to correct this issue.
e4da732c7109421262ae7c67dcae1ab0dd98c1e15fae44e55eab3242da0f8d02Paxton Net2 suffers from an insecure backend database issue that can lead to leaking sensitive information.
2df3e6ddf5bcc9864e0828ecf22cfb2e18be379e994ba5fdb2329889eb6af151This paper provides an in-depth technical explanation, illustration, and verification of discovered attacks affecting PlayReady on Windows 10 / 11 x64 that pertain to Warbird deficiencies, content key sniffer operation, magic XOR keys discovery, white-box crypto attack, and complete client identity compromise attacks.
09659cdb9a7e9c6b4914fb4ed35ec441311d7eae621b3a9dc8c2cdd6104ad765Ubuntu Security Notice 7135-1 - Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions.
15e106691a945ed26e31f38f92b93647710fa89aee4f786f838d6f00b1c8744dUbuntu Security Notice 7134-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.
6d8008e55a5a0291e99a4c52240f8604a17e9533c7d9802cf0493f7bc82b6e5cUbuntu Security Notice 7133-1 - Yuki Mogi discovered that HAProxy incorrectly handled the interpretation of certain HTTP requests. A remote attacker could possibly use this issue to perform a request smuggling attack and obtain sensitive information.
65c360822a6ce17b05d5039d48af705de63f0f84965cc39f2d48b21eb4b83cdbRed Hat Security Advisory 2024-10750-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.
cc3b76a321b07451ccd4a98d6295a0d28eb596a019efaa31d2fa45255cda34ebRed Hat Security Advisory 2024-10748-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
5c70b0ac52212d2ffe5bfaa51f652b600406d955ea797ad1f34cb8e177bbb6c0Red Hat Security Advisory 2024-10745-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
f0433508b575d87eb0a524169d32e4baa14ff74e83f4bce9cd177b28a2018e52Red Hat Security Advisory 2024-10743-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
1b41204d2576dd6480a853e335cf56d27e7b76564c030868cf830b4c549dd7acRed Hat Security Advisory 2024-10742-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
5a6ebfb7706b8f885076f7842b9257694aed36f209ccd530e8b0039fe9eb846eRed Hat Security Advisory 2024-10739-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include a code execution vulnerability.
8da9b142d4f6d73118a68d6ab68c357c6bad5a8149f4588a2a8bafc9fc31eb9fRed Hat Security Advisory 2024-10736-03 - An update for the postgresql:15 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a code execution vulnerability.
bb51ac8cef004c181e876a326b4c1509c84cea1213943b2b832d18743fa3f511Red Hat Security Advisory 2024-10734-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
de1287224a68d746ba73ecbded1f74c5a358a6252255196a9a6070c14df3e5d6Red Hat Security Advisory 2024-10733-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
590e8d2a2aff8c2dda52de4f278b3d5416da53f120c0d05dcf7650593f0a90dfRed Hat Security Advisory 2024-10710-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
a439785ac6ae8a6a795acd6a06c3517089b1f9072e5b014bffcf56786e662f2dRed Hat Security Advisory 2024-10705-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
33ec33d0ee13262c6419e98d8e02b96d4e2dc68fce74c3058c063925bdfd4c6dRed Hat Security Advisory 2024-10703-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include bypass, cross site scripting, and spoofing vulnerabilities.
24f7a5b4373ec9f4b2b2d5eeda01ffc040e19a8c4faa4a1ca0b88c7612496940Red Hat Security Advisory 2024-10700-03 - Red Hat build of Apache Camel 4.8 for Spring Boot release and security update is now available. Issues addressed include privilege escalation and traversal vulnerabilities.
d5082d26d3b4249fc05b550936dc5ca01cf526f5a965e907a6a2c2798139f5cbRed Hat Security Advisory 2024-10696-03 - An update for python-werkzeug is now available for Red Hat OpenStack Platform 16.2. Issues addressed include a remote shell upload vulnerability.
90d3de321d80608613972f94a36a19d9c51d147328ab159a23fb79daa995dd2fRed Hat Security Advisory 2024-10517-03 - Red Hat OpenShift Container Platform release 4.17.7 is now available with updates to packages and images that fix several bugs.
1f3557cd396fb799bdf3e73fa0d35532b7696e4db4dbe7e206dfceab7c1aebdf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed