MGASA-2017-0380 Updated db48 and db53 packages fix security vulnerability

It was found that Berkeley DB reads the DBCONFIG configuration file from the current working directory by default. This happens when calling dbcreate with dbenv=NULL; or using the dbmopen function CVE-2017-10140...

shadowsocks-libev 3.1.0 - Command Execution

shadowsocks-libev 3.1.0 - Command Execution X41 D-Sec GmbH Security Advisory: X41-2017-010 Command Execution in Shadowsocks-libev ====================================== Overview -------- Severity Rating: High Confirmed Affected Versions: 3.1.0 Confirmed Patched Versions: N/A Vendor: Shadowsocks...

shadowsocks-libev 3.1.0 - Command Execution

X41 D-Sec GmbH Security Advisory: X41-2017-010 Command Execution in Shadowsocks-libev ====================================== Overview -------- Severity Rating: High Confirmed Affected Versions: 3.1.0 Confirmed Patched Versions: N/A Vendor: Shadowsocks Vendor URL:...

Shadowsocks-libev 3.1.0 Command Execution Vulnerability

Exploit for linux platform in category local exploits Command Execution in Shadowsocks-libev ====================================== Overview -------- Severity Rating: High Confirmed Affected Versions: 3.1.0 Confirmed Patched Versions: N/A Vendor: Shadowsocks Vendor URL:...

Shadowsocks-libev 3.1.0 Command Execution

X41 D-Sec GmbH Security Advisory: X41-2017-010 Command Execution in Shadowsocks-libev ====================================== Overview -------- Severity Rating: High Confirmed Affected Versions: 3.1.0 Confirmed Patched Versions: N/A Vendor: Shadowsocks Vendor URL:...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

RHAPIS - Network Intrusion Detection Systems Simulator

Network intrusion detection systems simulator. RHAPIS provides a simulation environment through which user is able to execute any IDS operation. Basic Usage Type HELP in the console in order to see the available commands. RHAPIS is written in Lua language. You need to have installed Lua in order ...

CVE-2017-14942

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie...

CVE-2017-14942

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie...

Authentication flaw

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie...

Fedora 26 : pure-ftpd (2017-7a9447c0af)

This is an update fixing loading the configuration file. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

PT-2017-13767 · Intelbras · Intelbras Wrn 150

Name of the Vulnerable Software and Affected Versions: Intelbras WRN 150 devices affected versions not specified Description: The issue allows remote attackers to read the configuration file and bypass authentication by making a direct request for "cgi-bin/DownloadCfg/RouterCfm.cfg" with an...

Roteador Wireless Intelbras WRN150 - Autentication Bypass

Exploit Title: Autentication Bypass/Config file download - INTELBRAS WRN 150 Date: 28/09/2017 Exploit Author: Elber Tavares Vendor Homepage: http://intelbras.com.br/ Version: Intelbras Wireless N 150 Mbps - WRN 150 Tested on: kali linux, windows 7, 8.1, 10 For more info:...

Postfix: Privilege escalation

Background Postfix is a mail server and an alternative to the widely-used Sendmail program. Description By default, Berkeley DB reads a DBCONFIG configuration file from the current working directory. This is an undocumented behavior. Impact A local attacker, by using a specially crafted DGCONFIG...

mysql: unrestricted mysqld_safe's ledir (CPU Jan 2017)

It was discovered that the mysqldsafe script honored the ledir option value set in a MySQL configuration file. A user able to modify one of the MySQL configuration files could use this flaw to escalate their privileges to root...

MetInfo Directory Traversal Vulnerability

MetInfo is a content management system CMS developed using PHP and Mysql by China Mito Information Technology Ltd. A directory traversal vulnerability exists in MetInfo version 5.3.17. A remote attacker can exploit this vulnerability to read information in an ini format file...

Hikvision IP Cameras Multiple Vulnerabilities (Sep 2017) - Active Check

Multiple Hikvision IP cameras are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability(CVE-2017-2841)

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...

Foscam IP Video Camera CGIProxy.fcgi SMTP Test User Parameter Configuration Command Injection Vulnerability(CVE-2017-2842)

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting...

Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Password Disclosure Vulnerability

The Medfusion 4000 Wireless Syringe Infusion Pump is a syringe infusion pump deployed in healthcare and public health for delivering small doses of medication in acute care settings. A password disclosure vulnerability exists in the Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump. Th...