OpenNetAdmin 18.1.1 - Command Injection Exploit (Metasploit)

class MetasploitModule 'OpenNetAdmin Ping Command Injection', 'Description' = %q This module exploits a command injection in OpenNetAdmin between 8.5.14 and 18.1.1. , 'Author' = 'mattpascoe', Vulnerability discovery 'Onur ER ' Metasploit module , 'References' = 'EDB', '47691' , 'DisclosureDate' =...

OpenNetAdmin 18.1.1 Command Injection

class MetasploitModule 'OpenNetAdmin Ping Command Injection', 'Description' = %q This module exploits a command injection in OpenNetAdmin between 8.5.14 and 18.1.1. , 'Author' = 'mattpascoe', Vulnerability discovery 'Onur ER ' Metasploit module , 'References' = 'EDB', '47691' , 'DisclosureDate' =...

Denial Of Service (DoS)

bittorrent-dht is vulnerable to denial of service DOS attacks. The vulnerability exists as it does not restrict to run one ping at the time, leading to an infinite asnyc ping recursion and an application crash when a malicious user sends a large number of pings simultaneously without disregarding...

The vulnerability of D-Link DIR-655, D-Link DIR-866L, D-Link DIR-652, and D-Link DHP-1565 router microprogramming software lies in insufficient checking of arguments passed in commands, allowing attackers to execute arbitrary code.

The vulnerability of D-Link DIR-655, D-Link DIR-866L, D-Link DIR-652, and D-Link DHP-1565 router microprogramming software is related to insufficient testing of the arguments passed in the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

NewStart CGSL CORE 5.04 / MAIN 5.04 : mod_auth_openidc Multiple Vulnerabilities (NS-SA-2019-0220)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has modauthopenidc packages installed that are affected by multiple vulnerabilities: - The OpenID Connect Relying Party and OAuth 2.0 Resource Server aka modauthopenidc module before 2.1.6 for the Apache HTTP Server does not sk...

CVE-2019-18184

Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function...

CVE-2019-18184

Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function...

Command injection

Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function...

CVE-2019-18184

Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to the ping function...

CVE-2019-18184

CVE-2019-18184 affects Crestron DMC-STRO 1.0 devices, enabling remote root command execution via shell metacharacters passed to the ping function. Multiple connected sources (NVD entry and vendor/Red Hat/CNVD records) corroborate a remote command-injection vulnerability in the DMC-STRO streaming ...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

HTTP/2: flood using PING frames results in unbounded memory growth

A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Go (CVE-2019-9512, CVE-2019-9514)

Summary Security Vulnerabilities affect IBM Cloud Private - Go Vulnerability Details CVEID: CVE-2019-9514 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote...

Important: Red Hat Security Advisory: OpenShift Container Platform 3.11 HTTP/2 security update

An update is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...