[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248678

 
 

909

 
 

195426

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 39 Download | Alert*

The host is installed with samba or samb4 on centOS 7 or centOS 6 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle unknown vectors. Successful exploitation could allow attackers to execute malicious code.

A flaw was found in samba when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside of the share.

The host is installed with samba version 4.x and is prone to a denial of service vulnerability. A flaw is present in samba which fails to handle character conversion at log level 3 or above. An unauthenticated attacker could use this flaw to cause samba to crash.

PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.

A flaw was found in BIND, where it does not sufficiently limit the number of fetches that can be performed while processing a referral response. This flaw allows an attacker to cause a denial of service attack. The attacker can also exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

A microarchitectural timing flaw was found on some Intel processors. In a corner case where data in-flight during the eviction process can end up in the fill buffers and not properly cleared by the MDS mitigations. The fill buffer contents (which were expected to be blank) can be inferred using MDS or TAA style attack methods to allow a local attacker to infer fill buffer values.

The host is installed with Control/CentOS Web Panel 7 before 0.9.8.1147 and is prone to an OS command injection vulnerability. A flaw is present in the application, which fails to handle an issue in login/index.php file. Successful exploitation allows remote attackers to execute arbitrary OS commands via shell metacharacters in the login parameter.

The host is installed with kernel on Centos 7 and is prone to an use-after-free vulnerability. A flaw is present in the application, which fails to properly handle a race condition in packet_set_ring leads. Successful exploitation could allow attackers to elevate their privileges on the system.

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authenticate without any credentials.


Pages:      Start    1    2    3    ..   3

© SecPod Technologies