DEBIAN-CVE-2024-58251

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim...

UBUNTU-CVE-2024-58251

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim...

BusyBox 安全漏洞

BusyBox is a suite of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian individual developer. A security vulnerability exists in BusyBox 1.37.0 and earlier versions, which stems from the fact that netstat may be used to trigger an ANSI terminal escape sequenc...

CVE-2024-58251

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim...

CVE-2024-58251

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim...

CVE-2024-58251

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv0 containing an ANSI terminal escape sequence, leading to a denial of service terminal locked up when netstat is used by a victim...

CVE-2024-58251

CVE-2024-58251 affects BusyBox netstat up to version 1.37.0. Local attackers can cause a denial of service by running a network application with argv[0] containing an ANSI terminal escape sequence, which locks the victim’s terminal when netstat is used. The issue is rooted in how netstat handles ...

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...

CVE-2024-42757

Command injection vulnerability in Asus RT-N15U 3.0.0.4.3763754 allows a remote attacker to execute arbitrary code via the netstat function page...

ASUS RT-N15U 安全漏洞

The ASUS RT-N15U is a wireless router from Asus China. A security vulnerability exists in the Asus RT-N15U version 3.0.0.4.3763754, which originates from an arbitrary code execution vulnerability in the netstat function...

CVE-2024-42757

Command injection vulnerability in Asus RT-N15U 3.0.0.4.3763754 allows a remote attacker to execute arbitrary code via the netstat function page...

CVE-2024-42757

Command injection vulnerability in Asus RT-N15U 3.0.0.4.3763754 allows a remote attacker to execute arbitrary code via the netstat function page...

CVE-2024-42757

CVE-2024-42757 pertains to the Asus RT-N15U router (firmware 3.0.0.4.376_3754). The issue is a command injection via the netstat function page, enabling a remote attacker to execute arbitrary code. Documented impact is severe (high confidentiality, integrity, and availability impacts; CVSS v3.1 b...

CVE-2023-6895

Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) contains an OS command injection in /php/ping.php via jsondata[ip], where the attacker-provided input (e.g., netstat -ano) can execute commands. Public exploit details exist; upgrading to version 4.1.0 addresses the issue.

Deserialization of untrusted data

Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to including 2.20.10 stable branch and 2.21.17 unstable branch use the component "commons-beanutils", which contains a class that can be used for remote...

CVE-2023-37895

Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMIVersions up to including 2.20.10 stable branch and 2.21.17 unstable branch use the component "commons-beanutils", which contains a class that can be used for remote...

Netstat Ingress Connections

Binary data netstatexternalconnections.nbin...

Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages

Four different rogue packages in the Python Package Index PyPI have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorizedkeys file. The packages in question are aptx, bingchilling2, httops, and tkint3rs...

Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages

Four different rogue packages in the Python Package Index PyPI have been found to carry out a number of malicious actions, including dropping malware, deleting the netstat utility, and manipulating the SSH authorizedkeys file. The packages in question are aptx, bingchilling2, httops, and tkint3rs...

net-snmp bug fix and enhancement update

An update for net-snmp is now available for Rocky Linux 8.6 Extended Update Support. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP...