
82 matches found

Prion
added 2020/11/06 5:15 p.m. · 12 views

Path traversal

A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files...

7.5 CVSS · 9.4 AI score · 0.00824 EPSS
Exploits 0 · References 1 · Affected Software 1
OpenVAS
added 2020/09/08 12:0 a.m. · 26 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1968)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS · 7.7 AI score · 0.01497 EPSS
Exploits 0 · References 2
OSV
added 2020/08/21 9:15 p.m. · 1 views

ALPINE-CVE-2020-8622

In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...

6.5 CVSS · 6.8 AI score · 0.02629 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2020/07/20 12:0 a.m. · 32 views

openSUSE Security Update : ntp (openSUSE-2020-1007)

This update for ntp fixes the following issues : ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service bsc1169740. - CVE-2018-8956: Fixed an issue which could have...

7.5 CVSS · 6.1 AI score · 0.03115 EPSS
Exploits 0 · References 10
OSV
added 2020/05/15 3:48 p.m. · 3 views

MGASA-2020-0212 Updated ntp packages fix security vulnerability

The updated packages fix security vulnerabilities including: ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packe...

7.5 CVSS · 7.8 AI score · 0.01497 EPSS
Exploits 0 · References 4
OSV
added 2020/04/17 4:15 a.m. · 0 views

UBUNTU-CVE-2020-11868

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...

7.5 CVSS · 6.6 AI score · 0.01497 EPSS
Exploits 0 · References 6
Positive Technologies
added 2020/03/24 12:0 a.m. · 3 views

PT-2020-2999 · Nts +7 · Ntp +7

Name of the Vulnerable Software and Affected Versions: ntp versions 4.2.8 through 4.2.8p14 ntp versions 4.3.x through 4.3.100 Description: The issue allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address. This is because...

9.8 CVSS · 6.4 AI score · 0.32035 EPSS
Exploits 15 · References 91
Prion
added 2019/04/18 10:29 p.m. · 16 views

Path traversal

Network Time Protocol NTP, as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks...

6.8 CVSS · 7.9 AI score · 0.01051 EPSS
Exploits 0 · References 4
Prion
added 2019/02/01 6:29 p.m. · 9 views

Directory traversal

A server directory traversal vulnerability was found on node module mcstatic =0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path...

5 CVSS · 7.3 AI score · 0.0053 EPSS
Exploits 0 · References 1 · Affected Software 1
OSV
added 2018/11/12 8:29 p.m. · 0 views

CVE-2018-19222

An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysqlhy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists...

9.8 CVSS · 5.8 AI score
Exploits 0 · References 1
OSV
added 2018/09/11 1:29 p.m. · 1 views

DEBIAN-CVE-2018-16831

Smarty before 3.1.33-dev-4 allows attackers to bypass the trusted_dir protection mechanism via a file:./../ substring in an include statement...

5.9 CVSS · 5.8 AI score · 0.00359 EPSS
Exploits 1 · References 1
OSV
added 2018/03/14 12:0 a.m. · 0 views

UBUNTU-CVE-2018-5137

A legacy extension's non-contentaccessible, defined resources can be loaded by an arbitrary web page through script. This script does this by using a maliciously crafted path string to reference the resources. Note: this vulnerability does not affect WebExtensions. This vulnerability affects...

7.5 CVSS · 7.4 AI score · 0.01362 EPSS
Exploits 0 · References 4
Mageia
added 2017/12/28 1:16 p.m. · 37 views

Updated glibc packages fix security vulnerabilities

The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. CVE-2017-12132, CVE-2017-12133. The GNU C Library aka...

9.8 CVSS · 2.9 AI score · 0.00602 EPSS
Exploits 0 · References 1
CNVD
added 2017/08/02 12:0 a.m. · 1 views

GNU C Library DNS Spoofing Vulnerability

The GNU C Library aka glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A security vulnerability exists in the DNS stub resolver in versions of the GNU C Library prior to 2.26. An attacker can exploit this vulnerability to perform an off-path DNS spoofing...

5.9 CVSS · 7.5 AI score · 0.00602 EPSS
Exploits 0 · References 1
OSV
added 2017/02/28 6:59 p.m. · 0 views

UBUNTU-CVE-2017-5982

Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi allows remote attackers to read arbitrary files via a %2E%2E%252e encoded dot dot slash in the image path, as demonstrated by image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd...

7.5 CVSS · 7.2 AI score · 0.8642 EPSS
Exploits 5 · References 4
Cvelist
added 2017/01/06 9:0 p.m. · 24 views

CVE-2016-1547

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if...

6.4 AI score · 0.03664 EPSS
Exploits 2 · References 15
Debian CVE
added 2017/01/06 9:0 p.m. · 37 views

CVE-2016-1547

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if...

5.3 CVSS · 6.8 AI score · 0.03664 EPSS
Exploits 2
RedHat Linux
added 2016/09/27 2:16 p.m. · 3 views

kernel: challenge ACK counter information disclosure.

It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the chang...

5.8 CVSS · 6.6 AI score · 0.51991 EPSS
Exploits 3 · References 5
GithubExploit
added 2016/08/23 12:21 a.m. · 5 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Google Android

Proof-of-concept code for CVE-2016-5696 This code currently a...

5.8 CVSS · 7.5 AI score · 0.51991 EPSS
Exploits 3
RedHat Linux
added 2016/08/18 6:22 p.m. · 2 views

kernel: challenge ACK counter information disclosure.

It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the chang...

5.8 CVSS · 6.6 AI score · 0.51991 EPSS
Exploits 3 · References 5