冰峰VPN /log/system.log 敏感信息泄漏漏洞

由于“ICEFLOW VPN Router”设备产品存在各种日志文件未授权访问可导致系统敏感信息泄漏。（包括登录成功后的session值） 系统日志http://url/log/system.log VPN日志http://url/log/vpn.log 移动用户日志http://url/log/mobile.log 防火墙日志http://url/log/firewall.log 访问日志http://url/log/access.log 告警日志http://url/log/warn.log 错误日志http://url/log/error.log...

Mageia: Security Advisory (MGASA-2016-0030)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Harman AMX multimedia devices contain hard-coded credentials

Overview Multiple models of Harman AMX multimedia devices contain a hard-coded debug account. Description CWE-798: Use of Hard-coded Credentials - CVE-2015-8362According to the researchers' blog post, several models of Harman AMX multimedia devices contain a hard-coded "backdoor" account with...

Updated bind packages fix security vulnerability

In ISC BIND before 9.10.3-P3, a buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl42.c CVE-2015-8704. In ISC BIND before 9.10.3-P3, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the...

CVE-2015-8705

buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit, or daemon crash or possibly have unspecified other impact via 1 OPT data or 2 an ECS option...

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...

Multiple Huawei Products Password Change Vulnerability

Huawei TE30, TE40, TE50 and TE60 are all-in-one HD video conferencing endpoints from Huawei China that support intelligent voice calling and Wi-Fi wireless interconnectivity. The Huawei TE30, TE40, TE50, and TE60 Debug accounts fail to enter the old password as required when changing the password...

Denial of Service Vulnerability in Multiple Huawei Products

The Huawei TE30, TE40, TE50 and TE60 are all-in-one HD video conferencing endpoints from Huawei China that support intelligent voice calling and Wi-Fi wireless connectivity. A security vulnerability in the presentation transmission permission management mechanism of the Huawei TE30, TE40, TE50, a...

Janitza Multiple UMG Devices Remote Debug Interface RCE

Binary data scadajanitzadebugsvc.nbin...

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...

Debian Security Advisory DSA 3441-1 (perl - security update)

David Golden of MongoDB discovered that File::Spec::canonpath in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. The oldstable distribution wheezy i...

SAML Raider - SAML2 Burp Extension

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates. This software was created by Roland Bischofberger and Emanuel Duss during a bachelor thesis at the Hochschule für Technik...

virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as DB debug exception is handled. A privileged user...

RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0066 RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability January 7, 2016 CVE Number CVE-2015-8270 Description The vulnerability occurs within the AMF3ReadString function within amf.c. If an attacker sets up a malicious RTMP Media server that...

Android ADB Debug Server Remote Payload Execution

Writes and spawns a native payload on an android device that is listening for adb debug messages. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android ADB Debug Server Remote Payload...

openstack-ironic-discoverd: potential remote code execution with debug mode enabled

It was discovered that enabling debug mode in openstack-ironic-discoverd also enabled debug mode in the underlying Flask framework. If errors were encountered while Flask was in debug mode, a user experiencing an error might be able to access the debug console effectively, a command shell...

Important: Red Hat Security Advisory: openstack-ironic-discoverd security update

Updated openstack-ironic-discoverd packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Ubuntu: Security Advisory (USN-2840-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2843-2: Linux kernel (Wily HWE) vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

USN-2843-2 linux-lts-wily vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...