[ASA-201710-1] dnsmasq: multiple issues

Arch Linux Security Advisory ASA-201710-1 ========================================= Severity: Critical Date : 2017-10-02 CVE-ID : CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 Package : dnsmasq Type : multiple issues Remote : Yes Link :...

Critical: dnsmasq

Issue Overview: Information leak in the DHCPv6 relay code An information leak was found in dnsmasq in the DHCPv6 relay code. An attacker on the local network could send crafted DHCPv6 packets to dnsmasq causing it to forward the contents of process memory, potentially leaking sensitive data...

Kernel security update: CVE-2017-1000253; Virtuozzo ReadyKernel patch 32.1 for Virtuozzo 7.0.x

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3, 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4,...

Internet Bug Bounty: Perl $ENV Key Stack Buffer Overflow

The CPerlHost::Add method in win32\perlhost.h is vulnerable to a stack buffer overflow. void CPerlHost::AddLPCSTR lpStr char szBuffer1024; LPSTR lpPtr; int index, length = strlenlpStr+1; forindex = 0; lpStrindex != '\0' && lpStrindex != '='; ++index szBufferindex = lpStrindex; szBufferindex = '\0...

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-085)

According to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Kernel crash due to missing error handling for negatively instantiated keys. - A stack buffer overflow...

The vulnerability of the messaging system between components of ArchestrA Wonderware ArchestrA Logger is caused by buffer overflows in the stack, allowing an attacker to execute arbitrary code.

The vulnerability of the messaging system between components in ArchestrA Wonderware ArchestrA Logger arises due to buffer overflow on the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of a high-priority account...

openthread: Stack-buffer-overflow in ot::NetworkData::PrefixTlv::GetSubTlvs

Detailed report: https://oss-fuzz.com/testcase?key=5490815742771200 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0x7fb823a8eb22 Crash...

MP3Gain mpglibDBL Denial of Service Vulnerability (CNVD-2017-33783)

MP3Gain is a MP3 file volume adjustment application. mpglibDBL is one of the MPEG file decoders. A security vulnerability exists in dct36 of the layer3.c file of mpglibDBL in MP3Gain. A remote attacker could exploit this vulnerability to cause a denial of service stack buffer out-of-bounds read a...

perl -- multiple vulnerabilities

Meta CPAN reports: CVE-2017-12814: $ENV$key stack buffer overflow on Windows A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. CVE-2017-12837: Heap buffer overflow in regular expression compiler Compiling...

WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability(CVE-2017-2800)

Summary An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509 certificate can cause a single out of bounds byte overwrite resulting in potential certificate validation vulnerabilities,...

[ASA-201709-12] linux-zen: arbitrary code execution

Arch Linux Security Advisory ASA-201709-12 ========================================== Severity: High Date : 2017-09-18 CVE-ID : CVE-2017-1000251 Package : linux-zen Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-394 Summary ======= The package linux-zen...

PowerIso Parsing Code Execution Vulnerability(CVE-2017-2817)

Summary An stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO. A specially crafted ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific ISO file to trigger this vulnerability. Tested...

wireshark: Stack-buffer-overflow in zbee_sec_add_key_to_keyring

Project: https://code.wireshark.org/review/wireshark Detailed report: https://oss-fuzz.com/testcase?key=4728461463650304 Project: wireshark Fuzzer: libFuzzerwiresharkfuzzsharkip Fuzz target binary: fuzzsharkip Job Type: libfuzzerasanwireshark Platform Id: linux Crash Type: Stack-buffer-overflow...

KingScada AlarmServer 3.1.2.13 Buffer Overflow Exploit

This Metasploit module exploits a stack based buffer overflow found in KingScada versions prior to 3.1.2.13. The vulnerability is triggered when sending a specially crafted packet to the 'AlarmServer' AEserver.exe service listening on port 12401. During the parsing of the packet the 3rd dword is...

[ASA-201709-9] linux: arbitrary code execution

Arch Linux Security Advisory ASA-201709-9 ========================================= Severity: High Date : 2017-09-15 CVE-ID : CVE-2017-1000251 Package : linux Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-392 Summary ======= The package linux before versio...

RHEL 6 : kernel (RHSA-2017:2731)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2731 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A stack buffer overflow flaw was found in the w...

openthread: Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=6738146924429312 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type:...

Lockstep Backup for Workgroups 4.0.3 - Remote Buffer Overflow (Metasploit)

Lockstep Backup for Workgroups 4.0.3 - Remote Buffer Overflow Metasploit require 'msf/core' class MetasploitModule 'Lockstep Backup for Workgroups %q This module exploits a stack buffer overflow found in Lockstep Backup for Workgroups 'james fitts' , 'License' = MSFLICENSE, 'Version' = '$Revision...

CentOS Update for kernel CESA-2017:2679 centos7

Check the version of kernel SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882768";...

Motorola Netopia Netoctopus SDCS Stack Buffer Overflow

require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...