Cisco Security Advisory - A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. Cisco released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability.
d7ed846fd6ca8dcae4206ce7734247e29aa55be5e168fad0c5556574405675eeDebian Linux Security Advisory 3641-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.
171a166d3418bd10a7c29d4d619d66cf69f6fa2e29276ff7a73cef8c5bc549f3Ubuntu Security Notice 3046-1 - Yves Younan and Richard Johnson discovered that LibreOffice incorrectly handled presentation files. If a user were tricked into opening a specially crafted presentation file, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.
12a124b6b3f752559ac8080acff816bba17fdb6a8d50dcbca10baa185ab91344Red Hat Security Advisory 2016-1573-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the munge_other_line() function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemgr CGI utility, possibly triggering execution of arbitrary code.
8ecfd4468bdf5c270b2a694d9f7eb8b66f3441dff021e7acaf9b4ba8c23716ceUbuntu Security Notice 3041-1 - Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service or execute arbitrary code. It was discovered that the PPAPI implementation does not validate the origin of IPC messages to the plugin broker process. A remote attacker could potentially exploit this to bypass sandbox protection mechanisms. Various other issues were also addressed.
a894dd337e1dbc99720884f2cbf398faec9048d78d41ec516e1a6b452cd51967Ubuntu Security Notice 3044-1 - Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or obtain sensitive information. Toni Huttunen discovered that once a favicon is requested from a site, the remote server can keep the network connection open even after the page is closed. A remote attacker could potentially exploit this to track users, resulting in information disclosure. Various other issues were also addressed.
107aea46d43767c24d152b35ee26b6d29d2d088ed48f4b1e3d272428623578a4Ubuntu Security Notice 3047-1 - Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use th is issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor Various other issues were also addressed.
bcefab0e4c0425ce4a72b7328693b95ea5ed7a47800b8d6f73f293a7b21d1431Secunia Research has discovered a vulnerability in LibGD, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an integer overflow error within the "_gdContributionsAlloc()" function (gd_interpolation.c) and can be exploited to cause an out-of-bounds memory write access or exhaust available memory. Version 2.2.2 is affected.
92998209c35159f509bfca3cc0a070d94e80e86cc3547b28a2fad9d5f643df14The SySS GmbH found out that the web server of VMware ESXi 6 is vulnerable to HTTP response injection attacks, as arbitrarily supplied URL parameters are copied in the HTTP header Location of the server response without sufficient input validation. Thus, an attacker can create a specially crafted URL with a specific URL parameter that injects attacker-controlled data to the response of the VMware ESXi web server. Depending on the context, this allows different attacks. If such a URL is visited by a victim, it may for example be possible to set web browser cookies in the victim's web browser, execute arbitrary JavaScript code, or poison caches of proxy servers.
0ea7840b55195ffc59088e4202c17bca17d25971220fb512df76ebf66e0575f9Subrion CMS version 4.0.5 suffers from a remote SQL injection vulnerability.
bb75027c0fd8158ce62624a0f4ce805abec0311edb5fed4a326ca7c2c75fef12Typesettercms version 5.0.1 suffers from a cross site request forgery vulnerability.
97f93bf58a656584b78e206066c4d69552a6049b2f557986e6908db85e94f3b8The Reports Summary functionality of FortiCloud suffers from multiple cross site scripting vulnerabilities.
9da9ff1510507abfc56a0369b5d84e17ad47e2ad9a5bf8e9c340f67c0b7662c3This Metasploit module serves payloads via an SMB server and provides commands to retrieve and execute the generated payloads. Currently supports DLLs and Powershell.
5b9116475555e1a210055376f6f5b609d8eb365cce5fbb76c27ed32be445400eSophos EAS Proxy is part of the Enterprise Mobility Management (EMM) platform Sophos Mobile Control, which allows control of mail access for managed mobile devices. Anonymous attackers can access any web-resources of the backend mail system like Microsoft Exchange or IBM Domino, if Lotus Traveler option is enabled. Brute force attacks against users in the backend mail system are also possible. Version 3.5.0.3 is affected.
13292e8189bb32eb950d3a3ed393223e5c68751d34f25e1d5312f596b3dfaf82Davolink DV-2051 suffers from a missing access control vulnerability.
529fab643e46a9923439cedec6433afa1d5748b5345eb0c43795400ba84a058cPHP Power Browse version 1.2 suffers from a path traversal vulnerability.
8b8a162d3c14e0c64a9a05aaa6b102b2d3a4f2860961284d59c4a70a705e79fdntop versions 2.3 through 2.5 suffer from cross site request forgery and multiple command execution vulnerabilities.
770164a4c0f417e2ef356a07c6c292ea91afaec8f9f033750324569d2304ea69
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed