Emmanuel Bouillon

**Name of the Vulnerable Software and Affected Versions** libtiff versions prior to 4.0.3 libtiff-debuginfo versions 3.8.2, 3.9.4 libtiff-static versions 3.9.4 libtiff-devel versions 3.9.4 **Description** The issue involves multiple vulnerabilities in the libtiff package, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely, potentially causing a denial of service or allowing the execution of arbitrary code via a crafted TIFF image file. The t2p process jpeg strip function in tiff2pdf is specifically affected by a heap-based buffer overflow. **Recommendations** For libtiff versions prior to 4.0.3, update to version 4.0.3 or later. For libtiff-debuginfo versions 3.8.2, 3.9.4, update to a version that is not affected by the vulnerability. For libtiff-static versions 3.9.4, update to a version that is not affected by the vulnerability. For libtiff-devel versions 3.9.4, update to a version that is not affected by the vulnerability. As a temporary workaround, consider disabling the t2p process jpeg strip function in tiff2pdf until a patch is available.

**Name of the Vulnerable Software and Affected Versions** libtiff versions prior to 4.0.3 **Description** The issue is related to multiple vulnerabilities in the libtiff package, which can lead to a disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. A specific vulnerability is a stack-based buffer overflow in the `t2p write pdf page` function in `tiff2pdf` in libtiff before 4.0.3, allowing remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file. **Recommendations** For versions prior to 4.0.3, update to version 4.0.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `t2p write pdf page` function in `tiff2pdf` until a patch is available. Avoid using crafted TIFF image files that could exploit the buffer overflow vulnerability until the issue is resolved. At the moment, there is no other information about additional mitigation measures.

**Name of the Vulnerable Software and Affected Versions** MIT Kerberos 5 versions 1.10.x through 1.10.2 MIT Kerberos 5 versions prior to 1.11.4 **Description** The issue is related to the `process as req` function in the Key Distribution Center (KDC) of MIT Kerberos 5, which does not initialize a certain structure member. This allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed AS-REQ request. Multiple vulnerabilities in the mit-krb5 package can lead to violations of confidentiality, integrity, and availability of protected information, and can be exploited remotely. **Recommendations** For versions 1.10.x through 1.10.2, update to version 1.10.3 or later. For versions prior to 1.11.4, update to version 1.11.4 or later. As a temporary workaround, consider restricting access to the KDC to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** krb5 versions 1.8.x through 1.9.x before 1.9.5 krb5 versions 1.10.x before 1.10.3 krb5-1.9 versions krb5-workstation-1.9 versions krb5-debuginfo-1.9 versions krb5-libs-1.9 versions krb5-devel-1.9 versions krb5-server-1.9 versions krb5-pkinit-openssl-1.9 versions krb5-server-ldap-1.9 versions mit-krb5 versions prior to 1.11.4 **Description** The issue affects the Key Distribution Center (KDC) in MIT Kerberos 5, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted AS-REQ request. This is due to the kdc handle protected negotiation function attempting to calculate a checksum before verifying that the key type is appropriate for a checksum, leading to potential heap memory corruption and daemon crash. The exploitation of these vulnerabilities can lead to a violation of confidentiality, integrity, and availability of protected information. **Recommendations** For krb5 versions 1.8.x through 1.9.x before 1.9.5, update to version 1.9.5 or later. For krb5 versions 1.10.x before 1.10.3, update to version 1.10.3 or later. For mit-krb5 versions prior to 1.11.4, update to version 1.11.4 or later. As a temporary workaround, consider restricting access to the KDC until a patch is available. Avoid using the vulnerable `kdc handle protected negotiation` function until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Splunk versions 4.2.x through 4.2.4 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This could potentially lead to unauthorized actions on the affected system. **Recommendations** For versions 4.2.x through 4.2.4, update to version 4.2.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** scsi-target-utils versions prior to 1.0.14 tgt versions prior to 1.0.14 **Description** The issue is related to a double free vulnerability in the `iscsi rx handler` function, which can lead to memory corruption and a crash, potentially allowing remote attackers to execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. The vulnerability can be exploited remotely, leading to a denial of service and possible arbitrary code execution. **Recommendations** For scsi-target-utils versions prior to 1.0.14, update to version 1.0.14 or later to resolve the issue. For tgt versions prior to 1.0.14, update to version 1.0.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the `tgtd` daemon until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MIT Kerberos 5 versions 1.7 through 1.7.1 MIT Kerberos 5 version 1.8 alpha mit-krb5 versions prior to 1.9.2-r1 **Description** The issue allows remote attackers to cause problems with the system, including a denial of service, by sending invalid requests. Specifically, an invalid AS-REQ or TGS-REQ request can cause an assertion failure and daemon crash. The vulnerability may also lead to issues with confidentiality, integrity, and availability of protected information. **Recommendations** For MIT Kerberos 5 versions 1.7 through 1.7.1, update to version 1.7.2 or later. For MIT Kerberos 5 version 1.8 alpha, update to a stable version. For mit-krb5 versions prior to 1.9.2-r1, update to version 1.9.2-r1 or later. As a temporary workaround, consider restricting access to the KDC to minimize the risk of exploitation.