1086 matches found
CVE-2019-12148
The Sangoma Session Border Controller SBC 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login into the device's admin...
A week in security (October 14 – 20)
Last week on Malwarebytes Labs, we tried to unlock the future of the password its vulnerabilities, current alternatives, and possible future disappearance, analyzed the lagging response by many businesses in adopting a patch for Pulse VPN vulnerability, looked at Instagram’s bulked-up security...
Unspecified Vulnerability in Sangoma Technologies SBCs
The Sangoma Technologies SBC is a border session controller SBC from Sangoma Technologies, a Canadian company. A security vulnerability in Sangoma Technologies SBC version 2.3.23-119-GA can be exploited by an attacker to create privileged accounts on a system via the application's login screen...
Sangoma Technologies SBC Parameter Injection Vulnerability
The Sangoma Technologies SBC is a border session controller SBC from Sangoma Technologies, a Canadian company. A parameter injection vulnerability exists in Sangoma Technologies SBC version 2.3.23-119-GA, which can be exploited by an attacker to bypass authentication and log in as a non-existing...
CVE-2019-0059
A memory leak vulnerability in the of Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending specific commands from a peered BGP host and having those BGP states delivered to the vulnerable device. This issue affects: Juniper Networks Junos OS: 18.1...
Tcpdump BGP parser override vulnerability
tcpdump is a message analysis tool. Tcpdump BGP parser print-bgp.c:bgpattrprint suffers from an out-of-bounds read vulnerability, which can be exploited by a remote attacker to submit a special request that can crash the application...
Using MixMode and Carbon Black to Spot a Watering Hole Attack
For those not familiar with watering hole attacks, they are attacks on a specific place—such as a restaurant—that many people visit. They generally involve malicious code being injected into an iframe on the company’s website. In the case of a restaurant, for example, the online menu would be a...
ALPINE-CVE-2018-14881
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODERESTART...
ALPINE-CVE-2018-16230
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...
DEBIAN-CVE-2018-14881
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODERESTART...
DEBIAN-CVE-2018-14467
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP...
ALPINE-CVE-2018-14467
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP...
CVE-2018-16300
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgpattrprint because of unlimited recursion...
CVE-2018-16230
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...
CVE-2018-14881
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODERESTART...
CVE-2018-14467
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP...
UBUNTU-CVE-2018-14467
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODEMP...
UBUNTU-CVE-2018-14881
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODERESTART...
UBUNTU-CVE-2018-16300
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgpattrprint because of unlimited recursion...
UBUNTU-CVE-2018-16230
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...