PT-2017-9763 · Moxa · Moxa AWK-3131A Wireless Access Point
Name of the Vulnerable Software and Affected Versions: Moxa AWK-3131A Wireless Access Points version 1.1 Description: An exploitable OS Command Injection issue exists in the web application 'ping' functionality. Specially crafted web form input can cause an OS Command Injection, resulting in...
The vulnerability of the Linux operating system, which allows a hacker to trigger a service failure
The vulnerability of the ping_unhash function in the net/ipv4/ping.c module of the Linux operating system is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating locally, to cause a service failure by gaining access to the IP protocol value in...
Moxa AWK-3131A Web Application Ping Command Injection Vulnerability
Summary An exploitable OS Command Injection vulnerability exists in the web application ‘ping’ functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...
Huawei HG532n Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used her...
CVE-2017-6059
mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request...
Design/Logic Flaw
mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request...
CVE-2017-6059
CVE-2017-6059 affects the Ping Identity OpenID Connect module for Apache (mod_auth_openidc) prior to 2.14. The issue allows remote attackers to spoof page content by presenting a malicious URL that triggers an invalid request, due to improper handling within mod_auth_openidc.c. The vulnerability’...
CVE-2017-6059
mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request...
Opmantek NMIS Command Injection Vulnerability
Opmantek is a developer of open-source IT infrastructure management and auditing software. A command injection vulnerability exists in Opmantek NMIS. This allows attackers to inject via man, finger, ping, trace, and nslookup commands in tools.pl CGI scripts...
Linux kernel local denial of service vulnerability (CNVD-2017-05228)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the ping_unhash function in net/ipv4/ping.c in the Linux kernel, which can be exploited by an attacker to cause a denial of...
PT-2017-4255 · Zyxel · Zyxel EMG2926
Name of the Vulnerable Software and Affected Versions: Zyxel EMG2926 version V1.00AAQT.4b8 Description: A command injection issue was discovered in the diagnostic tools of the Zyxel EMG2926 home router, specifically in the nslookup function. This allows a malicious user to execute arbitrary...
CVE-2017-2671
A race condition leading to a NULL pointer dereference was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to crash the system...
MacOS/iOS kernel heap overflow in bpf (CVE-2017-2482)
The bpf ioctl BIOCSBLEN allows userspace to set the bpf buffer length: case BIOCSBLEN: / uint / if d-bdbif != 0 error = EINVAL; else uint size; bcopyaddr, &size, sizeof size; if size bpfmaxbufsize size = bpfmaxbufsize; else if size bdbufsize = size; break; d-bdbif is set to the currently attached...
Apple macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1125 The bpf ioctl BIOCSBLEN allows userspace to set the bpf buffer length: case BIOCSBLEN: / uint / if d-bdbif != 0 error = EINVAL; else uint size; bcopyaddr, &size, sizeof size; if size bpfmaxbufsize size = bpfmaxbufsize; else ...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3533)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3533 advisory. - Revert 'x86/mm: Expand the exception table logic to allow new handling options' Brian Maly Orabug: 25790387 CVE-2016-9644 - Revert 'fix minor...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3535)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3535 advisory. - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 - net: ping: check...
CVE-2014-8570
Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S127...
Input validation
Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S127...
CVE-2014-8570
Huawei S9300, S9303, S9306, S9312 with software V100R002; S7700, S7703, S7706, S7712 with software V100R003, V100R006, V200R001, V200R002, V200R003, V200R005; S9300E, S9303E, S9306E, S9312E with software V200R001; S9700, S9703, S9706, S9712 with software V200R002, V200R003, V200R005; S12708, S127...
CVE-2014-8570
The CVE-2014-8570 entry maps to a Huawei VRP information-leak vulnerability where MPLS LSP Ping binds to unnecessary interfaces, enabling leakage of device IP addresses. Affected Huawei VRP-equipped devices include S-series and S9300/S9700 families across multiple software train versions (e.g., V...