Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components.
811819aa67b6ad1bef552d7cc55544b3fd1c366dc092a396d3d23c2d49bd1e36Many Moxa devices suffer from command injection, cross site scripting, and outdated software vulnerabilities.
91e5218cfa2c2452c1da0918b3b85328aad5bcf76352c949affc7a9a10a95a39The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector.
5c8f473ce950d3d7fc4a502cd31cbb68d69766f0ee3d50da6ac20921262a4c65HP Security Bulletin HPSBGN03426 1 - A potential security vulnerability has been identified with HP Mobility Software (MSM). This is the GNU C Library (glibc) vulnerability known as "GHOST" which could be exploited remotely resulting in execution of arbitrary code. Revision 1 of this advisory.
6091783b2289bfdb9b8675dbc360b5d56c867a5f613e76dfc179aa4453a06de0Apple Security Advisory 2015-10-21-4 - OS X El Capitan 10.11.1 and Security Update 2015-007 are now available and address memory corruption, code execution, and various other vulnerabilities.
29b89a7f94c21f47037df252cf87e2917cad436a38b6f9faf840a0c7ee609335Apple Security Advisory 2015-09-30-03 - OS X El Capitan 10.11 is now available and addresses close to 100 vulnerabilities that may exist in prior releases.
7a0709c784a5d4fb9ea404af89915bb4719339d731eebc17ca1e750e0b02747cApple Security Advisory 2015-06-30-2 - OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege escalation, arbitrary code execution, access bypass, and various other vulnerabilities.
36670a2c92a10eed9caf9afd9dd5f818e184e427c1eddb4da037e0aebc712907HP Security Bulletin HPSBMU03330 1 - A potential security vulnerability has been identified with HP Matrix Operating Environment (MOE). This is the GlibC vulnerability known as "GHOST" which could be exploited remotely resulting in execution of code. Revision 1 of this advisory.
2b7ff05d5d322b1c2f6e571b435ddaca21eee8f65e751fcd8a7713a59a4e520eHP Security Bulletin HPSBGN03270 1 - A potential security vulnerability has been identified with HP Operations Analytics. This is the GlibC vulnerability known as "GHOST" which could be exploited remotely resulting in execution of code.. Revision 1 of this advisory.
ae6ac51f6c8b71f94dcab5da67541885375cdda1e86f387af7341ac1634e50adHP Security Bulletin HPSBGN03285 1 - Potential security vulnerabilities have been identified with these three packages. These vulnerabilities could be exploited to allow execution of code. HP Operation Agent Virtual Appliance for monitoring VMware vSphere environments (OAVA) HP Virtualization Performance Viewer for monitoring VMware vSphere environments (vPV VA) HP Operations Manager i 10.00 Virtual (OMi VA). Revision 1 of this advisory.
172838bdb356ce6ff085acbfa8cc07719e149fed64df6c1daaa6c456b43e7a32HP Security Bulletin HPSBHF03289 1 - A potential security vulnerability has been identified with HP ThinPro Linux This is the glibc vulnerability known as "GHOST", which could be exploited remotely to allow execution of arbitrary code. This update also addresses other vulnerabilities in SSL that would remotely allow denial of service, disclosure of information and other vulnerabilities. Revision 1 of this advisory.
382397e1a5db4b2ad8674375cd6e6e6384288664cd896f150a77ef9a0ae8d8cdThis Metasploit module remotely exploits CVE-2015-0235 (a.k.a. GHOST, a heap-based buffer overflow in the GNU C Library's gethostbyname functions) on x86 and x86_64 GNU/Linux systems that run the Exim mail server.
a904662b081b766808bd7e6e1ad410a102718e996535c406d1a81766eee34d73EMC Secure Remote Services Virtual Edition (ESRS VE) suffers from GHOST, remote SQL injection, and command injection vulnerabilities. Affected products include versions 3.02 and 3.03.
6b3ffdb9909af633f358b0989f2fbd7d173162224f69793af11938be23147164Gentoo Linux Security Advisory 201503-4 - Multiple vulnerabilities have been found in GNU C Library, the worst of which allowing a local attacker to execute arbitrary code or cause a Denial of Service. Versions less than 2.19-r1 are affected.
3be887081cfadc048cd5dd2fed5fc98110f1b24cf929e8adeeecd9c308657613Mandriva Linux Security Advisory 2015-039 - Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the gethostbyname2 function, aka GHOST. The updated packages have been patched to correct this issue.
2988cae9f4b2d9755cd45cfb07efe524d20a846420d827788fb6e9e8e45bb1e7Red Hat Security Advisory 2015-0126-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.
d44426ffefcc6444f5b0e9c23919d3d7de8a73feffb3acd51ec8ab0294efb23bHP Security Bulletin HPSBGN03247 1 - A potential security vulnerability has been identified with HP IceWall SSO Dfw using glibc. This vulnerability could be used to remotely execute arbitrary code. Revision 1 of this advisory.
c247a001fb7cb66afedf08c18c082bfb2e5d83b4265b239bdf6b2f229d6c1fa4This is a whitepaper discussing mitigation of the Ghost glibc vulnerability as discussed in CVE-2015-0235.
77fdf5e2024f2bd5d09207c0e6a1b4251255bb6447af8bde63b893affd58ba12Slackware Security Advisory - New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and 14.1 to fix a security issue.
3d6fcd881648b54bc54e46c4ef60b3519d0791bdbb5d2cd4595f585e0f842fc9Exim ESTMP denial of service exploit that leverages the GHOST glibc gethostbyname buffer overflow.
5ecc35645890c0c48e753cb63b2c03579f6cc942a311b5aad37e578368a54b58Red Hat Security Advisory 2015-0101-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.
74405882e85d1ed82abffab2b60dc45d12f3952a92ab2a5fd816bee6b62ea845Red Hat Security Advisory 2015-0099-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.
07ae3d608c7bc928e164c5f0edd07d9fed0b40c519ef06bfed163e6e7f1b23faQualys Security Advisory - During a code audit performed internally at Qualys, they discovered a buffer overflow in the __nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functions, so they decided to analyze it -- and its impact -- thoroughly, and named this vulnerability "GHOST".
ffa8d4a79d99689d850b8267b77bc648e3bd73f6426baa39b73870777ee69adbRed Hat Security Advisory 2015-0092-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.
620c64a2aa97609a8171e047e7c827ed68c38df906fd7ea24237c738885f5d14Red Hat Security Advisory 2015-0090-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.
344c688ffb8ddd28041911af7b947b4637ab2b0d272cf93ad900b34861ef6a7c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed