CyberSecurity news

FlagThis - #securitypatch

info@thehackernews.com (The Hacker News)@The Hacker News - 67d
The Apache Software Foundation has issued critical security updates to address severe vulnerabilities affecting several of its products, including MINA, HugeGraph-Server, and Traffic Control. These updates are crucial as the identified flaws could potentially allow attackers to compromise systems. Specifically, a SQL Injection vulnerability was discovered in Apache Traffic Control.

Security teams are being urged to immediately patch the 9.9 severity vulnerability within the web content distribution platform. The identified issues highlight a serious risk of exploitation, and it is essential that organizations using these Apache products prioritize applying the latest security updates to protect their systems from potential cyber attacks. The release of these security fixes underscores the continuous need for vigilance in maintaining secure software infrastructures.

Recommended read:
References :
  • The Hacker News: Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
  • ciso2ciso.com: Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now – Source:thehackernews.com
  • Osint10x: Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
  • securityonline.info: CVE-2024-45387 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Apache Traffic Control
  • ciso2ciso.com: Apache fixed a critical SQL Injection in Apache Traffic Control – Source: securityaffairs.com
  • securityaffairs.com: Apache fixed a critical SQL Injection in Apache Traffic Control
  • malware.news: Apache Software Foundation (ASF) addressed a critical SQL Injection vulnerability, tracked as CVE-2024-45387, in Apache Traffic Control.
  • www.scworld.com: Apache fixes Traffic Control bug that attackers could exploit
  • BleepingComputer: The Apache Software Foundation has released security updates to address three severe problems that affect MINA, HugeGraph-Server, and Traffic Control products.
  • Hacker News: Apache fixes Traffic Control bug that attackers could exploit
  • securityonline.info: CVE-2024-45387: PoC Published for Critical SQL Injection in Apache Traffic Control

openwall.com via lattera@lobste.rs - 46d
Multiple vulnerabilities have been discovered in rsync, a widely used file transfer program, totaling six distinct security flaws. The most severe of these is a critical remote code execution (RCE) vulnerability identified as CVE-2024-12084. This flaw allows an attacker with only anonymous read access to an rsync server, often found in public mirrors, to execute arbitrary code on the server. This highlights the serious risk facing systems running vulnerable versions of rsync, particularly those with exposed rsync servers. The vulnerability stems from improper handling of checksum lengths.

Other discovered vulnerabilities include information leaks and symlink issues. There is also the potential for an attacker to enumerate the contents of arbitrary files on a client's machine when copying files to a server. To mitigate all six vulnerabilities, users and administrators are strongly advised to upgrade to rsync version 3.4.0, released on January 14th. However, a regression was found in 3.4.0, so version 3.4.1 is now available. It's crucial to apply this patch, especially for systems running the rsyncd daemon.

Recommended read:
References :

info@thehackernews.com (The Hacker News)@The Hacker News - 26d
Google has released the February 2025 Android security updates, patching a total of 48 vulnerabilities. Among these fixes is a critical zero-day kernel vulnerability, identified as CVE-2024-53104, which Google has confirmed is being actively exploited in the wild. This particular flaw is a privilege escalation issue found within the USB Video Class (UVC) driver, potentially allowing attackers to gain elevated permissions on affected devices.

The vulnerability, with a CVSS score of 7.8, stems from an out-of-bounds write in the "uvc_parse_format()" function of the "uvc_driver.c" driver source file, triggered when parsing UVC_VS_UNDEFINED frames. The flaw has been present since Linux kernel version 2.6.26, released in mid-2008, and could lead to memory corruption, crashes, or arbitrary code execution. While the specific actors behind the exploitation remain unclear, the potential for "physical" privilege escalation raises concerns about misuse by forensic data extraction tools.

Recommended read:
References :
  • cyberinsider.com: Google Fixes Zero-Day Flaw Exploited in Targeted Android Attacks
  • BleepingComputer: The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability tagged as exploited in the wild.
  • securityaffairs.com: Google fixed actively exploited kernel zero-day flaw
  • The Hacker News: Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
  • ciso2ciso.com: Google fixed actively exploited kernel zero-day flaw

Ashish Khaitan@The Cyber Express - 66d
Multiple critical vulnerabilities have been identified in several Apache software products, posing significant risks to users. The Cyber Security Agency of Singapore has issued alerts regarding these flaws, urging immediate updates. CVE-2024-43441 affects Apache HugeGraph-Server, allowing for authentication bypass, potentially granting unauthorized access to systems. Another critical issue, CVE-2024-45387, has been discovered in Apache Traffic Control and is a SQL injection vulnerability that can be exploited by privileged users to execute arbitrary SQL commands, risking data manipulation or exfiltration.

Apache MINA is also affected by CVE-2024-52046, which allows remote code execution through deserialization flaws. It is crucial that users apply security patches promptly. For Apache MINA, additional configuration is required to restrict class deserialization, further mitigating the risk. Furthermore, a high-risk vulnerability, CVE-2024-56512, has been found in Apache NiFi, a data processing and distribution system, which can expose sensitive information to unauthorized users, especially when component-based authorization policies are in use. A patch for NiFi has been issued in version 2.1.0; users should upgrade immediately.

Recommended read:
References :
  • BleepingComputer: The Apache Software Foundation has released security updates to address three severe problems that affect MINA, HugeGraph-Server, and Traffic Control products.
  • malware.news: Apache fixes Traffic Control bug that attackers could exploit
  • www.bleepingcomputer.com: Apache warns of critical flaws in MINA, HugeGraph, Traffic Control
  • www.scworld.com: Apache fixes Traffic Control bug that attackers could exploit
  • thecyberexpress.com: Critical Apache Vulnerabilities: Update Now to Avoid Major Risks
  • www.csa.gov.sg: CVE-2024-45387: PoC Published for Critical SQL Injection in Apache Traffic Control
  • securityonline.info: CVE-2024-45387: PoC Published for Critical SQL Injection in Apache Traffic Control

@securityonline.info - 31d
TeamViewer has released patches to address a high-severity privilege escalation vulnerability affecting its Windows client and host applications. The vulnerability, identified as CVE-2025-0065, has a CVSS score of 7.8, indicating a significant risk. The flaw stems from improper handling of argument delimiters in the "TeamViewer_service.exe" component. This could allow a local, unprivileged attacker to inject malicious arguments and thereby gain elevated privileges on the compromised system, potentially granting full control. The vulnerability affects TeamViewer clients for Windows prior to version 15.62.

While there is no evidence that this vulnerability is being exploited in the wild, TeamViewer is strongly urging all Windows users to update to the latest available versions of the client, specifically version 15.62 or later, to mitigate any potential risk. The vulnerability was discovered by an anonymous researcher working with Trend Micro's Zero Day Initiative. TeamViewer has released updated packages for TeamViewer Remote and TeamViewer Tensor, including versions 11.0.259318, 12.0.259319, 13.2.36226, 14.7.48799 and 15.62 for both full client and host versions, available for download on its website.

Recommended read:
References :
  • securityaffairs.com: TeamViewer fixed a vulnerability in Windows client and host applications
  • securityonline.info: CVE-2025-0065: TeamViewer Patches Privilege Escalation Vulnerability in Windows Clients
  • www.heise.de: Teamviewer: Rights expansion possible due to security vulnerability. Teamviewer warns of a vulnerability in the Windows versions of the remote maintenance software that allows attackers to escalate rights.
  • heise online English: Teamviewer: Rights expansion possible due to security vulnerability

@ciso2ciso.com - 10d
Atlassian has released security patches to address 12 critical and high-severity vulnerabilities affecting multiple products, including Bamboo, Bitbucket, Confluence, Crowd, and Jira. The patches address five critical-severity issues in Confluence Data Center and Server and Crowd Data Center and Server that were discovered in third-party dependencies used within the two products.

Updates released for Confluence Data Center and Server address two critical flaws in Apache Tomcat, tracked as CVE-2024-50379 and CVE-2024-56337 (CVSS score of 9.8). These issues could be exploited by unauthenticated attackers to achieve remote code execution. Atlassian urges customers to update their installations as soon as possible.

Recommended read:
References :
  • securityaffairs.com: Australian software firm Atlassian patched 12 critical and high-severity flaws in Bamboo, Bitbucket, Confluence, Crowd, and Jira.
  • ciso2ciso.com: Atlassian Patches Critical Vulnerabilities in Confluence, Crowd – Source: www.securityweek.com
  • heise online English: Security updates Atlassian: Attacks on Bamboo Data Center and Server possible. Attackers can attack Atlassian's Bitbucket Data Center and Server with malicious code, among other things.