Sonicwall Secure Remote Access (SRA) version 8.1.0.2-14sv suffers from a remote command injection vulnerability.
058ee4560dcd1576fb23b43fa5fe3a3d28b656aedb5f932919ce0ded272f97b3
Red Hat Security Advisory 2017-1787-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. The following packages have been upgraded to a later upstream version: collectd. Security Fix: collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with "SecurityLevel None" and empty "AuthFile" options, an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.
9fe4cce5befb77f355add009553c2ae645b6b416db689aea5c036985f29dd3ac
Ubuntu Security Notice 3356-2 - USN-3356-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Expat incorrectly handled certain external entities. A remote attacker could possibly use this issue to cause Expat to hang, resulting in a denial of service. Various other issues were also addressed.
7298e45947fd02ee7303731ee6ff6c66f34cd68f1cb5281ef16ac87653584963
Ubuntu Security Notice 3356-1 - It was discovered that Expat incorrectly handled certain external entities. A remote attacker could possibly use this issue to cause Expat to hang, resulting in a denial of service.
2bfed7f069c4187c12f4e904e868cfc4cb0052fe6d136336fe816266ea7e4044
Ubuntu Security Notice 3355-1 - Frediano Ziglio discovered that Spice incorrectly handled certain invalid monitor configurations. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
f481df33912bb2d773edf10b5d92627116d5d3c05a54eb0ff478f8396d9e6b16
Ubuntu Security Notice 3212-3 - USN-3212-1 and USN-3212-2 fixed a vulnerability in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.
f6649d7376a67bb72bac2ef5ba3d5a08ce63560aecf03229be010bd3ac125ae0
Ubuntu Security Notice 3307-2 - USN-3307-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM. Karsten Heymann discovered that OpenLDAP incorrectly handled certain search requests. A remote attacker could use this issue to cause slapd to crash, resulting in a denial of service. Various other issues were also addressed.
6824128b7ce99a1b204ab1d8547f25786cb0ac458e388f96913fa120bc5b4c12
Microsoft Windows 7 SP1 x86 GDI palette objects local privilege escalation exploit that leverages the vulnerability as described in MS17-017.
f2f3ac2e44e98b915bc1b9bb278776c5d36cde513f23de2ed87db28c491ddaf7
WordPress Task Manager Pro version 1.31 suffers from multiple cross site scripting vulnerabilities.
0ab5b7ff53cae033bdc9d97690414d0d194da945e56fab67995ebaee9abbcdc2
Citrix CloudBridge suffers from a CAKEPHP pre-authentication remote root cookie command injection vulnerability.
ed35a3243301479f8f9b453927d581a3dab42f8438d6ee27f9608582962fb66f
Sonicwall version 8.1.0.2-14sv importlogo/sitecustomization remote command execution exploit.
bad044d4acf954bf0f910ffc7f39881c4498bc687a9f36640cd739cd6638bdc3
Citrix SD-WAN version 9.1.2.26.561201 logout cookie pre-authentication remote command injection exploit.
a9d18103386b7c5413eb695eaee5e1020ef143fa405d4b964605ff5561db732d
Sonicwall SRA version 8.1.0.2-14sv gencsr.cgi remote command injection exploit.
329940cf4063e7a9fb0d94eae38b5e003d9143b085469fa57ef97279bed2d20e
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
ecf02c148c9ab6e809026ad5743fe9be1739a9840ef6fece6837a7ddfbdf7edc
Microsoft Internet Explorer suffers from a VBScript arithmetic function type confusion vulnerability.
f40f028ace681031a746b0e8ecc785e770f04baf897fa1f1b397ec507e8a1a00
Bitcoin Core Wallet version 0.14.2 proof of concept crash exploit discovered while fuzzing.
227422a7226384706d19cbd6aad8395f75a94cb2710b5fb7d7a3539b4dc90ddb