SUSE-SU-2018:0423-1 Security update for ipsec-tools
This update for ipsec-tools fixes one issue. This security issue was fixed: - CVE-2016-10396: The racoon daemon contained a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments that allowed a remote attacker to exhaust computational resources on the remot...
ABB Ellipse
CVSS v3 6.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: ABB Equipment: Ellipse Vulnerability: Unprotected Transport of Credentials AFFECTED PRODUCTS ABB reports that the vulnerability affects Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 including Ellipse...
MyTy 5.1.6 Blind SQL Injection Vulnerability
MyTy versions 5.0.4 through 5.1.6 suffer from a remote blind SQL injection vulnerability. Product: MyTy Vendor: Finlane GmbH CSNC ID: CSNC-2017-029 CVE ID: - Subject: Blind SQL injection Risk: High Effect: Remotely exploitable Author: Nicolas Heiniger Date: 21.11.2017 Introduction: -------------...
Design/Logic Flaw
The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying 300 seconds with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web...
CVE-2017-16249
The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying 300 seconds with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web...
iText PDF Library 7.0.2 / 5.5.11 / 2.0.8 XXE Injection Vulnerability
Exploit for java platform in category remote exploits Product: iText PDF Library Vendor: iText Group CVE ID: CVE-2017-9096 Subject: XML External Entity Attack (XXE) Risk: Medium Effect: Remotely exploitable Author: Benjamin Bruppacher Date: 2017-11-06 Introduction: ------------- iText is a software...
Foreman Cross-Site Scripting Vulnerability (CNVD-2017-30365)
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A cross-site scripting vulnerability exists in Foreman 1.7.0 and later versions. A remote attacker can...
GE CIMPLICITY (Update A)
CVSS v3 6.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: GE Equipment: CIMPLICITY Vulnerability: Stack-based Buffer Overflow UPDATED INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-17-278-01 GE CIMPLICITY that was published October 5,...
Siemens industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation (Update B)
CVSS v3 8.2 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Siemens Equipment: Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation Vulnerability: Improper Restriction of XML External Entity Reference UPDATE INFORMATION This update...
Remotely Exploitable Flaw Puts Millions of Internet-Connected Devices at Risk
Security researchers have discovered a critical remotely exploitable vulnerability in an open-source software development library used by major manufacturers of Internet-of-Things devices, which eventually left millions of devices vulnerable to hacking. The vulnerability CVE-2017-9765, discovere...
KLA11073 Denial of service vulnerability in Wireshark
A large loop vulnerability was found in the GPRS LLC dissector in Wireshark. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed packet, which is injected onto the wire, or by convincing a user to re...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
Design/Logic Flaw
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
Newport XPS-Cx, XPS-Qx
CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Newport Equipment: XPS-Cx, XPS-Qx Vulnerability: Improper Authentication AFFECTED PRODUCTS The following versions of XPS-Cx and XPS-Qx, a universal motion controller, are affected: XPS-Cx all versions, and XPS-Qx all...
Cisco FirePOWER System Software Denial of Service Vulnerability
Cisco Firepower System Software is a next-generation firewall (NGFW) product from Cisco. A denial of service vulnerability exists in the login configuration of the Secure Sockets Layer (SSL) policy in Cisco FirePOWER System Software versions 5.3.0 through 6.2.2. A remote attacker could exploit this...
RCE via path Traversal using CSRF in SAP CRM
Application: SAP NetWeaver Versions Affected: SAP CRM 13676083 Vendor URL: SAP Bugs: CSRF, Path Traversal Reported: 05.10.2017 Vendor response: 06.10.2017 Date of Public Advisory: 13.02.2018 Reference: SAP Security Note 2547431 Author: Vahagn Vardanyan (ERPScan), Vladimir Egorov (ERPScan) VULNERABILI...
SAP Java P4 SLD SSRF
Application: SAP NetWeaver Versions Affected: SAP Netweaver 7.4, 7.5 Vendor URL: SAP Bug: SSRF Reported: 05.10.2017 Vendor response: 06.10.2017 Date of Public Advisory: 13.02.2018 Reference: SAP Security Note 2565622 Author: Mathieu Geli (ERPScan) VULNERABILITY INFORMATION Class: Missing...
Schneider Electric Modicon M221 PLCs and SoMachine Basic (Update A)
CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available. Vendor: Schneider Electric Equipment: Modicon M221 PLCs and SoMachine Basic Vulnerability: Use of Hard-Coded Cryptographic Key, Protection Mechanism Failure UPDATE INFORMATION This updated...
Cesanta Mongoose OS - Use-After-Free
COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen...
Cesanta Mongoose OS - Use-After-Free Vulnerability
Exploit for hardware platform in category dos / poc Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen Stephan Sekula Date: 2017-04-03...