Huawei SMC2.0 Denial of Service Vulnerability

Huawei SMC2.0 is a video management solution from Huawei, China. The solution supports both H.323 and SIP protocols, and supports access from computers and cell phones. A denial of service vulnerability exists in Huawei SMC2.0, which originates from the program failing to adequately validate...

Siemens OZW672 and OZW772 Man-in-the-Middle Attack Vulnerabilities

Siemens OZW672 and OZW772 are both building controller products from Siemens, Germany. A man-in-the-middle attack vulnerability exists in the Siemens OZW672 and OZW772. This allows an attacker to read and manipulate data in a TLS session while performing a man-in-the-middle MITM attack...

Siemens OZW672 and OZW772 Data Read/Write Vulnerability

Siemens OZW672 and OZW772 are both building controller products from Siemens, Germany. A data read/write vulnerability exists in the Siemens OZW672 and OZW772. An attacker can exploit the vulnerability to read and write historical measurement data under certain conditions, or read and modify data...

OpenDaylight 'odl-l2switch-switch' Denial of Service Vulnerability

OpenDaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security vulnerability exists in the...

Using the CTS for vulnerability detection and principles of analysis-vulnerability warning-the black bar safety net

360 Vulpecker team Membership 360 Information Security Department, committed to the Android application and the system-layer vulnerability discovery as well as other Android security research. We passed on the CTS frame of the research, the preparation of a vulnerability detection aspect of the...

Move Securely to the Cloud: WAF Requirements and Deployment Options

Moving to the cloud has become an overwhelmingly popular trend even among organizations that were at first reluctant to make the move. Wherever you are in your cloud migration plan, it can take time, sometimes years, and often starts with first moving peripheral workloads to the cloud while leavi...

OSRAM SYLVANIA Osram Lightify Home Man-in-the-Middle Attack Vulnerability

OSRAM SYLVANIA Osram Lightify Home is a set of open IoT platforms for automated control of lighting devices from OSRAM Germany. OSRAM SYLVANIA Osram Lightify Home A security vulnerability exists in versions 2016-07-26 and earlier, which stems from the program's failure to use SSL pinning.An...

SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS

A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...

openssl: Possible integer overflow vulnerabilities in codebase

Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash...

SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS

A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients...

CFME: default certificate used across all installs

CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time. However if an attacker were able to man-in-the-middle an administrator while installing the new certificate, the attacker could get a copy of the uploaded private key allowing for...

freeradius: TLS resumption authentication bypass

An authentication bypass flaw was found in the way the EAP module in FreeRADIUS handled TLS session resumption. A remote unauthenticated attacker could potentially use this flaw to bypass the inner authentication check in FreeRADIUS by resuming an older unauthenticated TLS session...

How to resolve "Failed to probe partitions from virtual disk" error while importing an OS Layer

When importing an OS layer, you get this error: Failed to attach the disk /mnt/repository/Unidesk/OsImport Disks/Windows 10.vhd. Failed to probe partitions from virtual disk This is most often seen when importing a XenServer Windows 10 Gold VM that was exported as an OVF. However, it could happen...

LAME II_step_one function buffer overflow vulnerability

LAME is an open source MP3 audio compression software. A buffer overflow vulnerability exists in the LAME libmpgdecoder.a/mpglib/layer2.c/IIstepone function, which allows remote attackers to exploit the vulnerability by submitting a special file that induces the user to parse it, which can crash...

LAME 'III_i_stereo' Denial of Service Vulnerability

LAME is LAME team developed a set of open source MP3 audio compression software. mpglib is one of the mpg decoding library . A security vulnerability exists in the 'IIIistereo' function in the layer3.c file of mpglib in LAME version 3.99.5 and other products. A remote attacker can exploit this...

LAME 3.99.5 - II_step_one Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Description: lame is a high quality MPEG Audio Layer III MP3 encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results on the debian bugtracker. In...

LAME 3.99.5 - II_step_one Buffer Overflow

LAME 3.99.5 - IIstepone Buffer Overflow Description: lame is a high quality MPEG Audio Layer III MP3 encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results on the debian bugtracker. In cases li...

UBUNTU-CVE-2017-9872

The IIIdequantizesample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

UBUNTU-CVE-2017-9870

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype == 2" case, a similar...

DEBIAN-CVE-2017-9870

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype == 2" case, a similar...