654 matches found
Broadcom 802.11r (FT) Reassociation Response Overflows Vulnerability
Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r FT Reassociation Response. Broadcom: Multiple overflows when handling 802.11r FT Reassociation Response CVE-2017-11121 Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. Thes...
CVE-2017-11121
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56 and other chips, properly crafted malicious over-the-air Fast Transition frames can potentially trigger internal Wi-Fi firmware heap and/or stack overflows, leading to denial of service or other effects, aka B-V2017061205...
The Next Generation of the Rapid7 Community
Rapid7s community is evolving! For the past several years, community.rapid7.com has been our platform for news and knowledge spanning blogs, questions, discussion, and documentation. We have tried to ensure that our community site has been a source of pragmatic, down-to-earth information and...
Access and Delivery different sides of the same coin
We are often so caught up in our own realities that we miss obvious similarities or synergies. Luckily when various people look at the same situation, different perspectives emerge. I was reminded of that recently during a conversation with one of our large pharma customers. Akamai helps our...
ncset.org XSS vulnerability
Vulnerable URL: http://www.ncset.org/topics/ieptransition/default.asp?topic=1"...
Debian DSA-3881-1 : firefox-esr - security update
Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing. Debian follows the extended support...
CVE-2017-8438
Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the runas functionality. This bug prevents transitioning into the specified user specified in a runas request. If a role has been created using a template that contains the user properties, the behavior of runas...
ALPINE-CVE-2017-9228
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...
CVE-2017-9228
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect...
Debian DLA-896-1 : icedove/thunderbird security update
Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. With version 45.8 Debian drops it's custom branding from the Icedove package an...
CVE-2017-6956
On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...
CVE-2017-6956
On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...
CVE-2017-6956
On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...
Broadcom: Heap overflow in TDLS Teardown Request while handling Fast Transition IE (CVE-2017-0561)
详细分析:https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi4.html Posted by Gal Beniamini, Project Zero It's a well understood fact that platform security is an integral part of the security of complex systems. For mobile devices, this statement rings even truer; modern...
Broadcom: Stack buffer overflow when handling 802.11r (FT) authentication response (CVE-2017-6975)
Detailed analysis of reference : the https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi4.html the first part https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi11.html Part II Broadcom produces the Wi-Fi HardMAC SoCs which are used to...
March 2017 security update release
Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Security bulletins were also...
HackerOne: Transitioning a Private Program to Public Does Not Clear Previously Private Updates to Hackers
Summary: Transitioning a private program to public does not clear the previously private updates to hackers Description Include Impact: If you are managing a private bug bounty program and choose to message hackers in the program with a targeted bounty campaign or other limited / private messagin...
Torvalds Downplays SHA-1 Threat to Git
When researchers demonstrated the first practical collision attack for the cryptographic hash function SHA-1 last week, they also identified related vulnerabilities impacted by the now-compromised algorithm. According to the SHAttered research post, co-authored by Google and a host of cryptograph...
CVE-2016-8227
Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges...
Privilege escalation
Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges...