Titouan Lazard

**Name of the Vulnerable Software and Affected Versions** MUNGE versions 0.5.0 through 0.5.17 **Description** MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service used by workload managers like Slurm. A buffer overflow exists in the `munged` daemon, specifically within the ` msg unpack` function when processing messages. This allows a local attacker to potentially forge MUNGE credentials, leading to arbitrary code execution and potential privilege escalation to root. The vulnerability occurs when processing messages with an oversized address length field, corrupting the internal state of `munged` and enabling the extraction of the MAC subkey used for credential verification. The vulnerability has existed for approximately 20 years. Exploitation involves heap manipulation techniques like tcache poisoning and heap shaping. **Recommendations** Update to version 0.5.18 or later.

**Name of the Vulnerable Software and Affected Versions** Camera devices by UDP Technology, Geutebrück and other vendors (affected versions not specified) **Description** The issue concerns command injection, which may allow an attacker to remotely execute arbitrary code. This affects multiple camera devices from various vendors, including UDP Technology and Geutebrück. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UDP Technology camera devices (affected versions not specified) Geutebrück camera devices (affected versions not specified) **Description** The issue is related to a stack-based buffer overflow condition in the `profile` parameter. This may allow an attacker to remotely execute arbitrary code. Multiple camera devices from various vendors, including UDP Technology and Geutebrück, are affected. **Recommendations** For UDP Technology camera devices, restrict access to the `profile` parameter to minimize the risk of exploitation. For Geutebrück camera devices, avoid using the `profile` parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Geutebrück camera devices (affected versions not specified) UDP Technology camera devices (affected versions not specified) **Description** The issue is related to a stack-based buffer overflow condition in the `action` parameter, potentially allowing an attacker to remotely execute arbitrary code. **Recommendations** For Geutebrück camera devices, avoid using the `action` parameter in affected API endpoints until the issue is resolved. For UDP Technology camera devices, restrict access to the vulnerable module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Camera devices by UDP Technology, Geutebrück and other vendors (affected versions not specified) **Description** The issue concerns command injection, which may allow an attacker to remotely execute arbitrary code on multiple camera devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.