uClibc-ng uClibc 安全特征问题漏洞

uClibc-ng is an application. Small C library for Linux. uClibc is a small C standard library for embedded Linux systems. A security vulnerability exists in uClibc-ng version 1.0.40 and earlier, uClibc version 0.9.33.2 and earlier, which stems from the use of predictable DNS transaction IDs that c...

PT-2022-2474 · Uclibc +2 · Uclibc +2

Name of the Vulnerable Software and Affected Versions: uClibc-ng versions through 1.0.40 uClibc versions through 0.9.33.2 Description: The issue is related to the use of predictable DNS transaction IDs, which may lead to DNS cache poisoning. This is due to a reset of a value to 0x2. The...

FreeBSD : froxlor -- database password information leak (9ee72858-4159-11e5-93ad-002590263bf5)

[email protected] reports : An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...