by CIRT Team
Juniper Junos Space CVE-2017-2305 Remote Privilege Escalation Vulnerability
Description: On Juniper Networks EX Series Ethernet Switch, running affected Junos OS versions, has been discovered with a vulnerability in IPv6 processing that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. A malicious network-based packet flood of these crafted IPv6 NDP packets may eventually lead to resource exhaustion and a...
Read More
by CIRT Team
SambaCry! Samba CVE-2017-7494 Remote Code Execution Vulnerability
Description: All versions of Samba from 3.5.0 onward are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it. Impact: Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Mitigation:...
Read More
by CIRT Team
Vanilla Forums < 2.3 - Remote Code Execution Vulnerability
Description: Vanilla Forums software (including the latest stable version of 2.3 in its default configuration) is affected by * Host Header Injection CVE-2016-10073 which can be exploited by unauthenticated remote attackers to potentially intercept password reset hash and gain unauthorized access to the victim account or perform web-cache poisoning attacks. Impact: With victim user interaction, attacker could potentially intercept the password reset hash. This vulnerability...
Read More
by CIRT Team
LibreOffice CVE-2017-8358: heap-based buffer overflow related to the ReadJPEG function.
Description: LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. Impact: As an impact it is known to affect confidentiality, integrity, and availability. Mitigation: Updates are available. Please see the references for more information. Reference URL’s: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8358 https://www.libreoffice.org/about-us/security/advisories/ https://security-tracker.debian.org/tracker/CVE-2017-8358 https://access.redhat.com/security/cve/cve-2017-8358 https://bugzilla.redhat.com/show_bug.cgi?id=1447279 https://www.suse.com/security/cve/CVE-2017-8358/
by CIRT Team
SQL Injection Vulnerability in Joomla! 3.7
Description: SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. The vulnerability is caused by a new component, com_fields, which was introduced in version 3.7. Impact: An SQL injection flaw that allows attackers to execute custom SQL code on affected systems and take over vulnerable sites. Mitigation: Upgrade to version 3.7.1. Please check specific vendor advisory...
Read More
by CIRT Team
WordPress Password Reset CVE-2017-8295 Security Bypass Vulnerability
Description: WordPress through 4.7.4 relies on the Host HTTP header for a password-reset e-mail message, which makes it easier for remote attackers to reset arbitrary passwords by making a crafted wp-login.php?action=lostpassword request and then arranging for this message to bounce or be resent, leading to transmission of the reset key to a mailbox on an attacker-controlled SMTP server. This is related to problematic use of...
Read More
by CIRT Team
Microsoft Windows SMB Server (MS17-010) Vulnerability
Description: Microsoft Windows SMB Server is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Related CVE’s: CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148 Vulnerable Versions: Microsoft Windows Vista x64 Edition Service Pack 2 Microsoft Windows Vista Service Pack 2 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012...
Read More
by CIRT Team
Squirrelmail CVE-2017-7692 Command Injection Vulnerability
Description: SquirrelMail versions 1.4.22 and below are vulnerable to a command-line argument injection exploit that could allow arbitrary code execution if $edit_identity and $useSendmail are enabled and user has knowledge of the location and permissions on the SquirrelMail attachment directory. Impact: Successful exploit allows an attacker to inject and execute arbitrary commands in context of the affected application. Squirrelmail version 1.4.22 and prior are vulnerable....
Read More
by CIRT Team
Linux Kernel CVE-2017-7895 Multiple Security Bypass Vulnerabilities
Description: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacks certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. Impact: Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks....
Read More
by CIRT Team
Linksys Smart Wi-Fi Vulnerabilities
Description: Cyber security researchers from IOActive said in an advisory that after reverse engineering, the router firmware they identified total of 10 security vulnerabilities, ranging from low-to-high risk issues, six of which can be exploited remotely by unauthenticated attackers. Impact: Because of these vulnerabilities, it allows unauthenticated attackers to create a Denial-of-Service (DoS) condition on the router. Attackers can also bypass the authentication protecting the...
Read More
