Apple Security Advisory 2017-09-19-1 - iOS 11 is now available and addresses cross site scripting, denial of service, and various other vulnerabilities.
9ee202aa152d60cfa872edd8b90b9234Debian Linux Security Advisory 3976-1 - Marcin 'Icewall' Noga of Cisco Talos discovered two vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened.
8b3157a35081512438053a2d850fe273VLC Media Player iOS application version 2.7.8 suffers from a file disclosure vulnerability.
617910a26e18078b120c91cf74d082b0Apple iOS versions prior to 10.3.1 kernel exploit that demonstrates a sandbox escape.
311b9eebfc13e7585ba45c6c216b3f47Debian Linux Security Advisory 3929-1 - Aleksandar Nikolic of Cisco Talos discovered a stack-based buffer overflow vulnerability in libsoup2.4, a HTTP library implementation in C. A remote attacker can take advantage of this flaw by sending a specially crafted HTTP request to cause an application using the libsoup2.4 library to crash (denial of service), or potentially execute arbitrary code.
bf9f0e7122198d80786be78570d59aeeHP Security Bulletin HPESB3P03762 1 - HPE StoreFabric C-series Switch Software uses Ciscos Prime Data Center Network Manager (DCNM). Cisco has identified a remote code execution vulnerability in two versions of Cisco Prime Data Center Network Manager (DCNM) which HPE had included for download for customers under contract from the HPE Support Center. The affected versions of DCNM are 10.1(1) and 10.1(2). HPE bundled these DCNM versions with the following MDS and Nexus firmware downloads: * MDS 7.3(0)DY(1), released February 2017 * MDS 7.3(1)DY(1), released April 2017 * Nexus 5.2(1)N1(9b), released May 2017 **Note:** A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information or execute arbitrary code with root privileges on an affected system. The vulnerability is due to the lack of authentication and authorization mechanisms for a debugging tool that was inadvertently enabled in the affected software. An attacker could exploit this vulnerability by remotely connecting to the debugging tool via TCP. A successful exploit could allow the attacker to access sensitive information about the affected software or execute arbitrary code with root privileges on the affected system. Revision 1 of this advisory.
67518920118a80159359d122684f6e35macOS and iOS sandbox escapes and privilege escalation vulnerabilities exist due to unexpected shared memory-backed xpc_data objects.
19f6fc5bf96e23f9e9f9a4af9ec8737eTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
5d909cfea627a1f2482b82dfbd64956cApple Security Advisory 2017-07-19-1 - iOS 10.3.3 is now available and addresses code execution, memory corruption, and various other vulnerabilities.
8c0895fdc3becd88ea61b4c102a0c59bVarious GPC Sanitization bypasses exist in Cisco WebEx that can permit from arbitrary remote command execution.
d813975ef580e832e44c2ebb87aba929Cisco DDR2200 and 2201v1 ADSL2+ Residential Gateway devices suffer from insecure direct object reference vulnerabilities that allow for remote code execution as well as a path traversal issue.
3d75aff532e38b6b2a6184d2c0b2e44dWhitepaper called SYN Flood Attack for IP Cisco Phone. Written in French.
d236839b9f4ea29e19d287fe756a995aCisco Prime Infrastructure versions 1.1 through 3.1.6 suffer from cross site scripting, XML external entity injection, file disclosure, and remote SQL injection vulnerabilities.
a015626c21297363f1b2f3b6319821c8Apple Security Advisory 2017-05-15-2 - iOS 10.3.2 is now available and addresses memory corruption, code execution, and various other vulnerabilities.
15f38e3c3854fe955222968c9e625838THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
20e097ff7ee11f1c02a9fd2e626a2f97Cisco Catalyst 2960 with IOS version 12.2(55)SE1 ROCEM remote code execution exploit.
3a6c0e64cf90f6b40458df2e040554daCisco Catalyst 2960 with IOS version 12.2(55)SE11 ROCEM remote code execution exploit.
252028a693dd29d6d6ffaef31e0a9c10Apple Security Advisory 2017-03-27-4 - iOS 10.3 is now available and addresses code execution, information disclosure, denial of service, and various other vulnerabilities.
ca8150c7012917f3969636d4fd66d8d6Apple Security Advisory 2017-03-27-1 - Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS are now available and address a weak cryptography issue.
a4e134fb7437ffb40c56bec9fd86b2f2Cisco Security Advisory - A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
db1158a1833f92338a1506959e37f3e0Cisco Security Advisory - A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
e1d8a64df5c5d1e4358f2c447f147794Cisco Security Advisory - A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
8e211358e033468251f63614e5b2fb40Cisco Security Advisory - A vulnerability in the DHCP client implementation of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
93df32052601d328373b0ac491815e96Cisco Security Advisory - A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and The incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.
e95dfb301f191a5ec25fd4391f2377a8Cisco Security Advisory - A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted URL to the Client Manager Server. An exploit could allow the attacker to retrieve any file from the Cisco Workload Automation or Cisco Tidal Enterprise Scheduler Client Manager Server. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
af82f329130248200b1336e3f5f2352f
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed