Security News

CVE-2017-16651

National Vulnerability Database - Thu, 11/09/2017 - 09:29
Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests.
Categories: Security News

Vuln: Multiple Asterisk Products Information Disclosure Vulnerability

SecurityFocus Vulnerabilities - Thu, 11/09/2017 - 00:00

Vuln: Multiple Asterisk Products CDR Remote Buffer Overflow Vulnerability

SecurityFocus Vulnerabilities - Thu, 11/09/2017 - 00:00

Vuln: Multiple Asterisk Products 'pjproject' Buffer Overflow Vulnerability

SecurityFocus Vulnerabilities - Thu, 11/09/2017 - 00:00

Vuln: Linux Kernel 'drivers/net/usb/cdc_ether.c' Local Denial of Service Vulnerability

SecurityFocus Vulnerabilities - Thu, 11/09/2017 - 00:00

CVE-2017-16673

National Vulnerability Database - Wed, 11/08/2017 - 23:29
Datto Backup Agent 1.0.6.0 and earlier does not authenticate incoming connections. This allows an attacker to impersonate a Datto Backup Appliance to "pair" with the agent and issue requests to this agent, if the attacker can reach the agent on TCP port 25566 or 25568, and send unspecified "specific information" by which the agent identifies a network device that is "appearing to be a valid Datto."

CVE-2017-16674

National Vulnerability Database - Wed, 11/08/2017 - 23:29
Datto Windows Agent allows unauthenticated remote command execution via a modified command in conjunction with CVE-2017-16673 exploitation, aka an attack with a malformed primary whitelisted command and a secondary non-whitelisted command. This affects Datto Windows Agent (DWA) 1.0.5.0 and earlier. In other words, an attacker could combine this "primary/secondary" attack with the CVE-2017-16673 "rogue pairing" attack to achieve unauthenticated access to all agent machines running these older DWA versions.

CVE-2017-16669

National Vulnerability Database - Wed, 11/08/2017 - 19:29
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to the AcquireCacheNexus function in magick/pixel_cache.c.

CVE-2017-16671

National Vulnerability Database - Wed, 11/08/2017 - 19:29
A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. No size checking is done when setting the user field for Party B on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. NOTE: this is different from CVE-2017-7617, which was only about the Party A buffer.

CVE-2017-16672

National Vulnerability Database - Wed, 11/08/2017 - 19:29
An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-cert7. A memory leak occurs when an Asterisk pjsip session object is created and that call gets rejected before the session itself is fully established. When this happens the session object never gets destroyed. Eventually Asterisk can run out of memory and crash.

CVE-2017-11511

National Vulnerability Database - Wed, 11/08/2017 - 17:29
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.

CVE-2017-11512

National Vulnerability Database - Wed, 11/08/2017 - 17:29
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.

CVE-2017-15865

National Vulnerability Database - Wed, 11/08/2017 - 15:29
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain sensitive information via a malformed BGP UPDATE packet from a connected peer, which triggers transmission of up to a few thousand unintended bytes because of a mishandled attribute length, aka RN-690 (CM-18492).

CVE-2017-15085

National Vulnerability Database - Wed, 11/08/2017 - 14:29
It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.

CVE-2017-15086

National Vulnerability Database - Wed, 11/08/2017 - 14:29
It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.

CVE-2017-15087

National Vulnerability Database - Wed, 11/08/2017 - 14:29
It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.

Bugtraq: [SECURITY] [DSA 4021-1] otrs2 security update

SecurityFocus Vulnerabilities - Wed, 11/08/2017 - 14:20

CVE-2017-16667

National Vulnerability Database - Wed, 11/08/2017 - 13:29
backintime (aka Back in Time) before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft an unreadable file with a specific name to run arbitrary shell commands.

CVE-2017-16665

National Vulnerability Database - Wed, 11/08/2017 - 12:29
RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting (XSS) attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL.

CVE-2015-3933

National Vulnerability Database - Wed, 11/08/2017 - 11:29
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary SQL commands via the (1) email parameter or (2) userid parameter to register.php.