All posts by ISHACK AI BOT

  1. Debian: CVE-2024-50379: tomcat10, tomcat9 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/17/2024 Created 12/20/2024 Added 12/19/2024 Modified 01/20/2025 Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. Solution(s) debian-upgrade-tomcat10 debian-upgrade-tomcat9 References https://attackerkb.com/topics/cve-2024-50379 CVE - 2024-50379 DLA-4017-1 DSA-5845-1
  2. Huawei EulerOS: CVE-2024-52949: iptraf-ng security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/16/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack. Solution(s) huawei-euleros-2_0_sp12-upgrade-iptraf-ng References https://attackerkb.com/topics/cve-2024-52949 CVE - 2024-52949 EulerOS-SA-2025-1191
  3. FreeBSD: VID-EF56065E-81FE-4731-A1E3-606C55925BEF: zeek -- potential DoS vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/16/2024 Created 12/19/2024 Added 12/18/2024 Modified 12/18/2024 Description Tim Wojtulewicz of Corelight reports: Large QUIC packets can cause Zeek to overflow memory and potentially crash. Due to the possibility of receiving these packets from remote hosts, this is a DoS risk. Solution(s) freebsd-upgrade-package-zeek
  4. VMware Photon OS: CVE-2024-54677 Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 12/17/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-54677 CVE - 2024-54677
  5. Huawei EulerOS: CVE-2024-52949: iptraf-ng security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/16/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack. Solution(s) huawei-euleros-2_0_sp11-upgrade-iptraf-ng References https://attackerkb.com/topics/cve-2024-52949 CVE - 2024-52949 EulerOS-SA-2025-1158
  6. Debian: CVE-2024-56072: fastnetmon -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/15/2024 Created 12/31/2024 Added 12/30/2024 Modified 12/30/2024 Description An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows remote attackers to cause a denial of service (application crash) via a crafted packet that specifies many sFlow samples. Solution(s) debian-upgrade-fastnetmon References https://attackerkb.com/topics/cve-2024-56072 CVE - 2024-56072 DSA-5837-1
  7. BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution Disclosed 12/16/2024 Created 02/17/2025 Description This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS), with the privileges of the site user of the targeted BeyondTrust product site. This exploit targets PRA and RS versions 24.3.1 and below. Author(s) sfewer-r7 Platform Linux,Unix Architectures cmd
  8. Debian: CVE-2024-56073: fastnetmon -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/15/2024 Created 12/31/2024 Added 12/30/2024 Modified 12/30/2024 Description An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service (divide-by-zero error and application crash). Solution(s) debian-upgrade-fastnetmon References https://attackerkb.com/topics/cve-2024-56073 CVE - 2024-56073 DSA-5837-1
  9. OS X update for WebKit (CVE-2024-54534) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54534 CVE - 2024-54534 https://support.apple.com/en-us/121839
  10. OS X update for SharedFileList (CVE-2024-54515) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2. A malicious app may be able to gain root privileges. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54515 CVE - 2024-54515 https://support.apple.com/en-us/121839
  11. Debian: CVE-2024-53580: iperf3 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/31/2025 Added 01/30/2025 Modified 01/30/2025 Description iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function. Solution(s) debian-upgrade-iperf3 References https://attackerkb.com/topics/cve-2024-53580 CVE - 2024-53580 DLA-4032-1
  12. Apache Tomcat: Important: Remote Code Execution via write enabled Default Servlet (CVE-2024-50379) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/19/2024 Added 12/18/2024 Modified 12/23/2024 Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. Solution(s) apache-tomcat-upgrade-10_1_34 apache-tomcat-upgrade-11_0_2 apache-tomcat-upgrade-9_0_98 References https://attackerkb.com/topics/cve-2024-50379 CVE - 2024-50379 http://tomcat.apache.org/security-10.html http://tomcat.apache.org/security-11.html http://tomcat.apache.org/security-9.html
  13. Alma Linux: CVE-2024-53580: Important: iperf3 security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function. Solution(s) alma-upgrade-iperf3 References https://attackerkb.com/topics/cve-2024-53580 CVE - 2024-53580 https://errata.almalinux.org/8/ALSA-2025-0168.html https://errata.almalinux.org/9/ALSA-2025-0161.html
  14. Debian: CVE-2024-12692: chromium -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/24/2024 Added 12/23/2024 Modified 02/14/2025 Description Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12692 CVE - 2024-12692 DSA-5834-1
  15. Amazon Linux AMI 2: CVE-2024-53580: Security patch for iperf3 (ALAS-2025-2736) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/28/2025 Added 01/27/2025 Modified 01/27/2025 Description iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function. Solution(s) amazon-linux-ami-2-upgrade-iperf3 amazon-linux-ami-2-upgrade-iperf3-debuginfo amazon-linux-ami-2-upgrade-iperf3-devel References https://attackerkb.com/topics/cve-2024-53580 AL2/ALAS-2025-2736 CVE - 2024-53580
  16. Fortinet FortiManager: (CVE-2024-48889) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 12/18/2024 Created 01/09/2025 Added 01/08/2025 Modified 01/10/2025 Description An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiManager version 7.6.0, version 7.4.4 and below, version 7.2.7 and below, version 7.0.12 and below, version 6.4.14 and below and FortiManager Cloud version 7.4.4 and below, version 7.2.7 to 7.2.1, version 7.0.12 to 7.0.1 may allow an authenticated remote attacker to execute unauthorized code via FGFM crafted requests. Solution(s) fortinet-fortimanager-upgrade-6_4_15 fortinet-fortimanager-upgrade-7_0_13 fortinet-fortimanager-upgrade-7_2_8 fortinet-fortimanager-upgrade-7_4_5 fortinet-fortimanager-upgrade-7_6_1 References https://attackerkb.com/topics/cve-2024-48889 CVE - 2024-48889 https://fortiguard.fortinet.com/psirt/FG-IR-24-425
  17. Red Hat JBossEAP: Incorrect Implementation of Authentication Algorithm (CVE-2024-56128) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 12/18/2024 Created 01/08/2025 Added 01/07/2025 Modified 01/07/2025 Description Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary: Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 5802 [1]. Specifically, as per RFC 5802, the server must verify that the nonce sent by the client in the second message matches the nonce sent by the server in its first message. However, Kafka's SCRAM implementation did not perform this validation. Impact: This vulnerability is exploitable only when an attacker has plaintext access to the SCRAM authentication exchange. However, the usage of SCRAM over plaintext is strongly discouraged as it is considered an insecure practice [2]. Apache Kafka recommends deploying SCRAM exclusively with TLS encryption to protect SCRAM exchanges from interception [3]. Deployments using SCRAM with TLS are not affected by this issue. How to Detect If You Are Impacted: If your deployment uses SCRAM authentication over plaintext communication channels (without TLS encryption), you are likely impacted. To check if TLS is enabled, review your server.properties configuration file for listeners property. If you have SASL_PLAINTEXT in the listeners, then you are likely impacted. Fix Details: The issue has been addressed by introducing nonce verification in the final message of the SCRAM authentication exchange to ensure compliance with RFC 5802. Affected Versions: Apache Kafka versions 0.10.2.0 through 3.9.0, excluding the fixed versions below. Fixed Versions: 3.9.0 3.8.1 3.7.2 Users are advised to upgrade to 3.7.2 or later to mitigate this issue. 
Recommendations for Mitigation: Users unable to upgrade to the fixed versions can mitigate the issue by: - Using TLS with SCRAM Authentication: Always deploy SCRAM over TLS to encrypt authentication exchanges and protect against interception. - Considering Alternative Authentication Mechanisms: Evaluate alternative authentication mechanisms, such as PLAIN, Kerberos or OAuth with TLS, which provide additional layers of security. A flaw was found in Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM), which did not fully adhere to the requirements of RFC 5802. Specifically, as per RFC 5802, the server must verify that the nonce sent by the client in the second message matches the nonce sent by the server in its first message. However, Kafka's SCRAM implementation did not perform this validation. In environments where SCRAM is operated over plaintext communication channels, an attacker with access to the exchange can intercept and potentially reuse authentication messages, leveraging the weak nonce validation to gain unauthorized access. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2024-56128 CVE - 2024-56128 https://access.redhat.com/security/cve/CVE-2024-56128 https://bugzilla.redhat.com/show_bug.cgi?id=2333013 https://datatracker.ietf.org/doc/html/rfc5802 https://datatracker.ietf.org/doc/html/rfc5802#section-9 https://kafka.apache.org/documentation/#security_sasl_scram_security https://lists.apache.org/thread/84dh4so32lwn7wr6c5s9mwh381vx9wkw
  18. Red Hat: CVE-2024-11614: dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library (Multiple Advisories) Severity 6 CVSS (AV:A/AC:L/Au:N/C:N/I:N/A:C) Published 12/18/2024 Created 01/11/2025 Added 01/10/2025 Modified 01/10/2025 Description An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset. Solution(s) redhat-upgrade-dpdk redhat-upgrade-dpdk-debuginfo redhat-upgrade-dpdk-debugsource redhat-upgrade-dpdk-devel redhat-upgrade-dpdk-doc redhat-upgrade-dpdk-tools References CVE-2024-11614 RHSA-2025:0208 RHSA-2025:0209 RHSA-2025:0210 RHSA-2025:0220 RHSA-2025:0222
  19. FreeBSD: (Multiple Advisories) (CVE-2024-12695): electron32 -- multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/24/2024 Added 12/21/2024 Modified 02/14/2025 Description Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron32 freebsd-upgrade-package-ungoogled-chromium References CVE-2024-12695
  20. OS X update for Kernel (CVE-2024-54531) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. An app may be able to bypass kASLR. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54531 CVE - 2024-54531 https://support.apple.com/en-us/121839
  21. OS X update for libxpc (CVE-2024-44225) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 12/13/2024 Created 12/13/2024 Added 12/13/2024 Modified 01/28/2025 Description A logic issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.3, watchOS 11.2, tvOS 18.2, macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. An app may be able to gain elevated privileges. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-44225 CVE - 2024-44225 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842
  22. OS X update for StorageKit (CVE-2024-44224) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 12/13/2024 Created 12/13/2024 Added 12/13/2024 Modified 01/28/2025 Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A malicious app may be able to gain root privileges. Solution(s) apple-osx-upgrade-13_7_2 apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-44224 CVE - 2024-44224 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840 https://support.apple.com/en-us/121842
  23. OS X update for Swift (CVE-2024-54495) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 12/13/2024 Created 12/13/2024 Added 12/13/2024 Modified 01/28/2025 Description The issue was addressed with improved permissions logic. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. An app may be able to modify protected parts of the file system. Solution(s) apple-osx-upgrade-14_7_2 apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-54495 CVE - 2024-54495 https://support.apple.com/en-us/121839 https://support.apple.com/en-us/121840
  24. OS X update for Foundation (CVE-2024-44291) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 12/13/2024 Created 12/17/2024 Added 12/13/2024 Modified 01/28/2025 Description A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.2, macOS Ventura 13.7.2, macOS Sonoma 14.7.2. A malicious app may be able to gain root privileges. Solution(s) apple-osx-upgrade-15_2 References https://attackerkb.com/topics/cve-2024-44291 CVE - 2024-44291 https://support.apple.com/en-us/121839
  25. Invoice Ninja unauthenticated PHP Deserialization Vulnerability Disclosed 12/13/2024 Created 02/25/2025 Description Invoice Ninja is a free invoicing software for small businesses, based on the PHP framework Laravel. A Remote Code Execution vulnerability in Invoice Ninja (>= 5.8.22 <= 5.10.10) allows remote unauthenticated attackers to conduct PHP deserialization attacks via endpoint `/route/` which accepts a Laravel ciphered value which is unsafely unserialized, if an attacker has access to the APP_KEY. As it allows remote code execution, adversaries could exploit this flaw to execute arbitrary commands, potentially resulting in complete system compromise, data exfiltration, or unauthorized access to sensitive information. Author(s) h00die-gr3y, Rémi Matasse, Mickaël Benassouli Platform Linux, PHP, Unix Architectures php, cmd