aerospike -- database_server
|
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.
Ref: 速度とスケーラビリティを両立させた高パフォーマンスNoSQLデータベース
|
2017-02-21
|
|
|
・・・
|
|
|
|
|
apple -- iphone_os
|
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue involves the "WebSheet" component, which allows attackers to bypass a sandbox protection mechanism via unspecified vectors.
|
2017-02-20
|
|
|
apple -- mac_os_x
|
An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the "AppleGraphicsControl" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
|
2017-02-20
|
|
|
・・・mac_os_x 10件強、省略・・・
|
|
|
|
|
apple -- watch_os
|
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
|
2017-02-20
|
|
|
|
Apple watch OS、
BID 94905 他にも数件・・・省略・・・
|
|
|
|
apple -- watch_os
|
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
|
2017-02-20
|
|
|
|
Apple watch OS、
BID 94904 他にも数件・・・省略・・・
|
|
|
|
apple -- watch_os
|
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
|
2017-02-20
|
|
|
apple -- watch_os
|
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (buffer overflow) via a crafted app.
|
2017-02-20
|
|
|
cmsmadesimple -- form_builder
|
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form.
Ref: POWER FOR PROFESSIONALS SIMPLICITY FOR END USERS
|
2017-02-21
|
|
|
dell -- sonicwall_secure_remote_access_server
|
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out information about the state of the system. The application doesn't properly escape the information passed in the 'tsrDeleteRestartedFile' or 'currentTSREmailTo' variables before making a call to system(), allowing for remote command injection. Exploitation of this vulnerability yields shell access to the remote machine under the nobody user account.
Ref: セキュリティ機能付き高機能ワイヤレスルータ UTM
|
2017-02-22
|
|
|
・・・
|
|
|
|
|
disksavvy -- disksavvy_enterprise
|
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request.
Ref: Disk space usage analyzer
|
2017-02-22
|
|
|
dlink -- websmart_dgs-1510_series_firmware
|
D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Command Bypass attacks via unspecified vectors.
|
2017-02-23
|
|
|
facebook -- hhvm
|
Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.
Ref: HipHop Virtual Machine
|
2017-02-17
|
|
|
|
CVE 2016-6871, 6872, 6873, 6874, 6875は省略
|
|
|
|
linux -- linux_kernel
|
Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology.
|
2017-02-22
|
|
|
|
他に、下記CVEは省略
CVE-2017-6074
--> 03/02 追記
6074 やばいらしい
↓
・Linux カーネルの脆弱性により、権限昇格が行える脆弱性(CVE-2017-6074)に関する調査レポート(03/01)
|
|
|
|
mail-masta -- mail-masta_plugin
|
A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress. This affects /inc/lists/csvexport.php (Unauthenticated) with the GET Parameter: list_id.
|
2017-02-21
|
|
|
metalgenix -- genixcms
|
CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. The forgotpassword.php page can be used to acquire a token.
|
2017-02-21
|
|
|
netgear -- dgn2200_firmware
|
ping.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping_IPAddr field of an HTTP POST request.
|
2017-02-22
|
|
|
trendmicro -- interscan_web_security_virtual_appliance
|
Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update functionality. This was resolved in Version 6.5 CP 1737.
|
2017-02-21
|
|
|
zyxel -- usg50_firmware
|
Zyxel USG50 Security Appliance and NWA3560-N Access Point allow remote attackers to cause a denial of service (CPU consumption) via a flood of ICMPv4 Port Unreachable packets.
|
2017-02-21
|
|
|
No comments:
Post a Comment