CVE-2023-38403 – iperf3: memory allocation hazard and crash
https://notcve.org/view.php?id=CVE-2023-38403
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field. An integer overflow flaw was found in the way iperf3 dynamically allocates memory buffers for JSON-formatted messages. A remote attacker could send a specially crafted sequence of bytes on the iperf3 control channel with a specified JSON message length of 0xffffffff to trigger an integer overflow leading the receiving process to abort due to heap corruption. This flaw allows an attacker to use a malicious client to cause a denial of service of an iperf3 server or potentially use a malicious server to cause connecting clients to crash. • http://seclists.org/fulldisclosure/2023/Oct/24 http://seclists.org/fulldisclosure/2023/Oct/26 https://bugs.debian.org/1040830 https://cwe.mitre.org/data/definitions/130.html https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9 https://github.com/esnet/iperf/issues/1542 https://lists.debian.org/debian-lts-announce/2023/07/msg00025.html https://lists.fedoraproject.org/archives/list/package-announce% • CWE-190: Integer Overflow or Wraparound •
CVE-2022-36782 – Pal Electronics Systems - Pal Gate Authorization Errors
https://notcve.org/view.php?id=CVE-2022-36782
Pal Electronics Systems - Pal Gate Authorization Errors. The vulnerability is an authorization problem in PalGate device management android client app. Gates of bulidings and parking lots with a simple button in any smartphone. The API was found after a decompiling and static research using Jadx, and a dynamic analasys using Frida. The attacker can iterate over all the IOT devices to see every entry and exit, on every gate and device all over the world, he can also scrape the server and create a user's DB with full names and phone number of over 2.8 million users, and to see all of the users' movement in and out of gates, even in real time. • https://www.gov.il/en/Departments/faq/cve_advisories •