Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise 3.2 security update and bug fix update

An update for atomic-openshift and heapster is now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

Denial of Service Vulnerability in Multiple Huawei Products (CNVD-2016-06549)

Huawei Access Controllers AC6003 and others are wireless access controllers from Huawei, China. A denial of service vulnerability exists in multiple Huawei products. An attacker can exploit this vulnerability by sending specially crafted packets to cause a denial of service device reboot...

Security Advisory - Input Validation Vulnerability in Huawei Access Controllers

There is an input validation vulnerability in Huawei access controllers AC. Due to the lack of input validation, an attacker may craft malformed Control And Provisioning of Wireless Access Points CAPWAP protocol packets and send them to the device, causing the device to restart. Vulnerability ID:...

PLC Blaster Worm Targets Industrial Control PLCs

LAS VEGAS – Security researchers at Black Hat USA described a proof-of-concept worm that targets weaknesses within automated industrial control systems used to manage critical infrastructure and manufacturing. The worm, according to OpenSource Security, has the capability to autonomously search f...

Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers Arbitrary Code Execution Vulnerability

Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers is a set of programming software for M171/M172 controllers from Schneider Electric France. A security vulnerability exists in the ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M17...

CVE-2016-4529

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFEFORUNTRUSTEDCALLER aka safe for scripting flag...

CVE-2016-4529

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFEFORUNTRUSTEDCALLER aka safe for scripting flag...

CVE-2016-4529

An unspecified ActiveX control in Schneider Electric SoMachine HVAC Programming Software for M171/M172 Controllers before 2.1.0 allows remote attackers to execute arbitrary code via unknown vectors, related to the INTERFACESAFEFORUNTRUSTEDCALLER aka safe for scripting flag...

Mitsubishi FX3G PLC Denial of Service Vulnerability

FX3G series PLC is specialized in providing customers with more personalized system solutions, which can fully meet the system requirements of customers in different industries. A denial-of-service vulnerability exists in the Mitsubishi FX3G PLC, which allows an attacker to exploit the...

The vulnerability of the Samba file system allows a perpetrator to circumvent existing access restrictions.

The vulnerability of the samldbcheckuseraccountcontrolacl function in the Samba file system located in the samdb/ldbmodules/samldb.c file is related to improper privilege checking during the creation of computer accounts. Exploiting this vulnerability can allow a malicious actor to circumvent...

UBUNTU-CVE-2016-2111

The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by running a crafted applicatio...

Environmental Systems Corporation Data Controllers Vulnerabilities

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-16-147-01A Environmental Systems Corporation Data Controllers Vulnerabilities that was published June 2, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified data controller...

Rails Dynamic Render 远程命令执行漏洞 (CVE-2016-0752)

如果你的应用程序使用的动态模版路径 例如: render params:id 那么你的程序将会存在远程代码执行和本地文件包含漏洞. 请把你的 Rails 升级到最新版本, 或者重构你的 controllers。 我们将展示如何在特定环境下使用代码执行和本地包含漏洞去攻击 Ruby on Rails 。 Rails的控制器有包含指定渲染文件的功能，举个例子, 当我们调用 show 方法的时候，如果没有定义其他渲染方法，该框架将会隐藏渲染 show.html.erb 文件。 在绝大多数情况下，开发者会输出不同的格式，例如：文本, JSON, XML 或者其他任何格式，或者查看一个文件,...

FAQ: Connection Leasing in XenApp/XenDesktop 7.6

Q: What is Connection leasing? A: It allows users to connect to recently used published applications or desktops launchedwithin the last 2 weeks or less during a site database failure using a combination of a license lease and cached information on the Delivery Controllers. The Delivery...

DEBIAN-CVE-2015-8467

The samldbcheckuseraccountcontrolacl function in dsdb/samdb/ldbmodules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass...

The vulnerability of microprogrammed software in programmable logic controllers PCD allows a intruder to gain administrator privileges.

The vulnerability of PCD programmable logic controllers’ microprogramming software exists due to the rigid encoding of registration data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain administrator privileges through an FTP session...

PentestPackage - A Package of Multiple Pentest Scripts

Contents: Wordlists - Comprises of password lists, username lists and subdomains Web Service finder - Finds web services of a list of IPs and also returns any URL rewrites Gpprefdecrypt. - Decrypt the password of local users added via Windows 2008 Group Policy Preferences. rdns.sh - Runs...

Schneider Electric Patches Buffer Overflow in PLC Line

Automation and energy management company Schneider Electric patched a vulnerability in a product line this week that was leaving a handful of programmable automation controllers at risk of being hacked. Thirteen different builds of the Modicon M340 PLC are affected by the vulnerability, a buffer...

UBUNTU-CVE-2015-7540

The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service memory consumption and daemon crash via crafted packets...

UBUNTU-CVE-2015-8467

The samldbcheckuseraccountcontrolacl function in dsdb/samdb/ldbmodules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative privileges during creation of machine accounts, which allows remote authenticated users to bypass...