SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3265-1)

This update for the Linux Kernel 3.12.61-52146 fixes several issues. The following security issues were fixed : CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is...

IObit Malware Fighter Buffer Overflow Vulnerability

IObit Malware Fighter is a suite of antivirus software for Windows-based platforms. The program has features such as anti-malware and virus protection. A stack buffer overflow vulnerability exists in the IMFCameraProtect.sys file in IObit Malware Fighter version 6.2 and possibly prior to 6.2. An...

Morris Worm fingerd Stack Buffer Overflow

This module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently, only bsd/vax/shellreversetcp is supported. This module requires Metasploit:...

CVE-2018-15704

Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp...

CVE-2018-15704

Advantech WebAccess 8.3.2 and earlier are affected by a stack-based buffer overflow in broadweb/system/opcImg.asp. The CNVD entry confirms a vulnerability that an unauthenticated? or remote attacker could exploit via a crafted HTTP request to that path to execute arbitrary code or cause a denial ...

SUSE-SU-2018:3173-1 Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP2)

This update for the Linux Kernel 4.4.114-9264 fixes several issues. The following security issues were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...

SUSE-SU-2018:3172-1 Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-6064104 fixes several issues. The following security issues were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain...

SUSE-SU-2018:3159-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain...

openvswitch/odp_target: Stack-buffer-overflow in nullable_memcpy

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5734833108549632 Project: openvswitch Fuzzer: libFuzzeropenvswitchodptarget Fuzz target binary: odptarget Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type: Stack-buffer-overflow READ...

Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow', 'Description' = %q This module exploits a stack based buffer...

Important: kernel

Issue Overview: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the...

Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Zahir Enterprise Plus 6 Stack Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in Zahir Enterprise Plus version ...

CVE-2018-17962

An integer overflow issue was found in the AMD PC-Net II NIC emulation in QEMU. It could occur while receiving packets, if the size value was greater than INTMAX. Such overflow would lead to stack buffer overflow issue. A user inside guest could use this flaw to crash the QEMU process resulting i...

CVE-2018-10839

An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the network, if the size value was greater than INTMAX. Such overflow would lead to stack buffer overflow issue. A user inside guest could use this flaw to crash the QEMU process, resulting...

Amazon Linux AMI : kernel (ALAS-2018-1086)

A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta...

Security Bulletin: Security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2015-1283, CVE-2015-4947, CVE-2015-3183)

Summary IBM HTTP Server is shipped as a component of IBM Rational ClearQuest. Information about security vulnerabilities affecting IBM HTTP Server have been published in several security bulletins. Vulnerability Details Please consult these security bulletins: Security Bulletin: Denial of service...

Samsung Galaxy S8 Arbitrary Code Execution Vulnerability

The Samsung Galaxy S8 is a smartphone released by the South Korean company Samsung Samsung. An arbitrary code execution vulnerability exists in the Samsung Galaxy S8, which stems from a failure to properly validate the length of user-submitted data before copying it into a buffer on a fixed-lengt...

CVE-2018-14633

A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta...

CVE-2018-14633

CVE-2018-14633 affects the Linux kernel iSCSI target code, specifically chap_server_compute_md5(), where an unauthenticated remote attacker can trigger a stack-based buffer overflow, potentially causing a denial of service or exposing data from an iSCSI target. Public disclosures in 2018 indicate...

CVE-2018-14633

A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The atta...