This Metasploit module exploits two separate remote command injection vulnerabilities in the Sophos Web Appliance versions 4.2.1.3 and below via the web administration interface. By sending a specially crafted request it's possible to inject system commands
7c4b3bbdbc3b0206bfe31759b404dcf843c219914e256a2ec58afefa528e061cSiklu Etherhaul versions prior to 7.4.0 suffer from an unauthenticated remote command execution vulnerability.
1488db4819cb3d631d5458d8303eb2a66ace7ffc1a16fa5a512858691028f7ceJava and Python both have URL handling code that can be leveraged for XML external entity (XXE) injection and SSRF attacks.
9f2a5aa311b233621706991238e47f4e31fc0b190ca89a1f42a16cfca5d09c4cUbuntu Security Notice 3210-1 - Ben Hayak discovered that it was possible to make LibreOffice Calc and Writer disclose arbitrary files to an attacker if a user opened a specially crafted file with embedded links.
eb76a721c6b299a108a59454abfea2068bb742c16cf457993916607f6caffb98Red Hat Security Advisory 2017-0309-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: Quick emulator built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on the host with privileges of Qemu process on the host.
b208a03f917075e83c83e02b7c9d9e67d01004db93202ffd0e4666086e2e5fbcRed Hat Security Advisory 2017-0307-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepresent or evade logging of executing commands. A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash.
f5626e12bf318a6ceba6e16077d4ef1c50c6d37818aae8533ea4a67d5ff5c19aRed Hat Security Advisory 2017-0316-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
b636031802de3b3dfef681e9912cabfab34e12ce63c092ae7a18e3a97f900150Joomla JaJobBoard component version 1.5 suffers from a remote SQL injection vulnerability.
cfd28026a2c362b9c3e90599bf6cb5ce173e37fdc75ad2d90aa1c2e8ec890d0aSynologic NAS suffers from an IP blocking bypass vulnerability.
c05fd9b53966972f034228ae1c6b8442f84c27015716fc54eb3e8028bd12c158Joomla Redshop component versions 1.4 and 1.5 suffer from a remote SQL injection vulnerability.
7bce940bba1c54337da78e867025227f7e701372484e0d4567c3ea084407f9f1Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
1358a0de753ab5359e04ec7e53b62294d1a11ffe2be493dddb0d143881681290Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
42ea42ab571cb90905e47fe3896b7fce98650d52f40b5c12c2dc1f09d580b0b1Ubuntu Security Notice 3211-1 - It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
ee725f310771fc35d7cc3ac15e95e4674c6a5a8b5ec3ed497c4f369a51d9cb9eFreeBSD Security Advisory - If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. Various other issues have also been identified.
fd0871f8f44d01650f47267d841a243c6a575b751f8b35d5ec24cc8563298df8Debian Linux Security Advisory 3791-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts.
d4c6af8f0e3dd4d9e278a3515440e0936dca73862bdc065cf6bd5e2d14200203Red Hat Security Advisory 2017-0300-01 - The OpenStack Oslo Middleware library provides components that can be injected into WSGI pipelines to intercept request and response flows. The base class can be enhanced with functionality like adding or updating HTTP headers, or to offer support for limiting size or connections. Security Fix: An information-disclosure flaw was found in oslo.middleware. Software using the CatchError class could include sensitive values in a traceback's error message. Remote users could exploit this flaw to obtain sensitive information from OpenStack component error logs.
c3359bf03135b1a5ff63d07bd5d660438d80e7a084cdb79b79c57de44ee006f0Ubuntu Security Notice 3142-2 - USN-3142-1 fixed vulnerabilities in ImageMagick. The security fixes introduced a regression with text labels and a regression with the text coder. This update fixes the problem. It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Various other issues were also addressed.
6bd0ad7bc46bd1aec3d550bb978fdd2857a665eafe7bbbd3d348eff865feec3fDebian Linux Security Advisory 3788-2 - The update for tomcat8 issued as DSA-3788-1 caused that the server could return HTTP 400 errors under certain circumstances. Updated packages are now available to correct this issue.
9a471d0b8a11213787df65f14ac8faa29f4bd6795bfbb006a10eb21ea59d636dRed Hat Security Advisory 2017-0293-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
675d2cff55b3e4f76bda52e3edcac6e3540ae592d7cec108e0884eb508679175Red Hat Security Advisory 2017-0295-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
43f786bca525228053ddc893e7b07e03f946f70afcdc61825d743ae0d53139bcRed Hat Security Advisory 2017-0294-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol implementation freed SKB resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system.
0fb4e054d84d8aecf3a85b795c0e3c8be31aec44f88499706fea037f8323067bGentoo Linux Security Advisory 201702-32 - Ruby Archive::Tar::Minitar is vulnerable to a directory traversal attack. Versions prior to 0.6.1 are affected.
157e690b127e197b5e2dc69bc809ae8b72ef330c005521c03a4cf6eaf39f4814Gentoo Linux Security Advisory 201702-31 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which may allow execution of arbitrary code. Versions prior to 9.20-r1 are affected.
b3d656fb5ed70e42c11d5359cb050e758a1e9620ffbbe27b7796e55ec545d211Ubuntu Security Notice 3208-1 - It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. CAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service. Various other issues were also addressed.
06bc59f5224049671a0fcd3f4d851d69bdc6602bedb41005a8a51bcf1c98fa56Ubuntu Security Notice 3209-1 - It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service. Various other issues were also addressed.
fc8efec5bc02f4a0dd164d80178c39462832170db02485b791a003ea5eff78dd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed