Description: The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP – Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must...
Read More
Description: BIND is open source software that enables you to publish your Domain Name System (DNS) information on the Internet, and to resolve DNS queries for your users. An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND...
Read More
Description: BIND is open source software that enables you to publish your Domain Name System (DNS) information on the Internet, and to resolve DNS queries for your users. An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully...
Read More
Description: Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. Impact: An attacker who successfully exploited the vulnerability could take control of an affected system. Mitigation: Updates are available. Please check specific vendor advisory for...
Read More
Description: Drupal 8.3.7 is a maintenance release which contain fixes for security vulnerabilities. Updating your existing Drupal 8 sites is strongly recommended. This release fixes security issues only; there are no new features nor non-security-related bug fixes in this release. Impact: A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information. Mitigation: Updates are available. Please check specific vendor advisory for more...
Read More
