Louis Dion-Marcil

Name of the Vulnerable Software and Affected Versions: Aviatrix Controller versions prior to 7.1.4208 Aviatrix Controller versions prior to 7.2.5090 Aviatrix Controller versions prior to 8.0.0 Description: The issue concerns the lack of rate limiting on password reset attempts in Aviatrix Controller, allowing adversaries to brute force guess the 6-digit password reset PIN. This has been exploited in real-world incidents, with Mandiant Red Team breaching Aviatrix Controller via authentication bypass and remote code execution flaws, gaining root access and AWS keys. Recommendations: For Aviatrix Controller versions prior to 7.1.4208, update to version 7.1.4208 or later to enforce rate limiting on password reset attempts. For Aviatrix Controller versions prior to 7.2.5090, update to version 7.2.5090 or later to enforce rate limiting on password reset attempts. For Aviatrix Controller versions prior to 8.0.0, update to version 8.0.0 or later to enforce rate limiting on password reset attempts. As a temporary workaround, consider implementing additional security measures to limit the risk of brute force attacks on password reset PINs, such as monitoring for suspicious activity or implementing a web application firewall.

Name of the Vulnerable Software and Affected Versions: Aviatrix Controller versions prior to 7.1.4208 Aviatrix Controller versions prior to 7.2.5090 Aviatrix Controller versions prior to 8.0.0 Description: The issue is related to the failure of the Aviatrix Controller to sanitize user input before passing it to command line utilities. This allows command injection via special characters in filenames. Recommendations: For versions prior to 7.1.4208, update to version 7.1.4208 or later. For versions prior to 7.2.5090, update to version 7.2.5090 or later. For versions prior to 8.0.0, update to version 8.0.0 or later.

**Name of the Vulnerable Software and Affected Versions** Squid HTTP Caching Proxy versions prior to 4.0.23 **Description** The issue is related to a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing. This can result in Denial of Service to all clients of the proxy. The attack appears to be exploitable via a remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP requests. Additionally, there is an issue with buffer overflow when processing ESI responses or loading intermediate certificate authority certificates, which can also lead to a Denial of Service. **Recommendations** For Squid HTTP Caching Proxy versions prior to 4.0.23, update to version 4.0.23 or later to resolve the issue. As a temporary workaround, consider restricting access to the X-Forwarded-For header in HTTP responses until the update is applied.

Name of the Vulnerable Software and Affected Versions: Squid HTTP Caching Proxy versions 3.0 through 3.5.27 Squid HTTP Caching Proxy versions 4.0 through 4.0.22 Description: The issue is related to Incorrect Pointer Handling in ESI Response Processing, which can cause Denial of Service for all clients using the proxy. This can be exploited when a remote server delivers an HTTP response payload containing valid but unusual ESI syntax. Recommendations: For Squid HTTP Caching Proxy versions 3.0 through 3.5.27, update to version 4.0.23 or later. For Squid HTTP Caching Proxy versions 4.0 through 4.0.22, update to version 4.0.23 or later.