Ubuntu Security Notice 5173-1 - It was discovered that libmodbus incorrectly handled inputs. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
740faf462661aa2f8b10bcd2adde7ab93a6891479486065b563ba76c96dbfa09RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device. Versions 8.0B and below are affected.
dd5ca7ea4caa5162c8b67967d3278af0abfd50ff21e9371c5bd80f2300d42ed3Ubuntu Security Notice 5172-1 - It was discovered that uriparser mishandled certain input. An attacker could use this vulnerability to cause uriparser to crash or possibly execute arbitrary code. It was discovered that uriparser incorrectly handled certain URIs. An attacker could use this vulnerability to cause a crash or possibly leak sensitive information.
78a9c2dbad84f9490e14a0959440ef0e1eb66266016317afac206ce7ee55e96fRedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows users with the "sub-admin" privilege to access any files on the PBX's file system. Versions 8.0B and below are affected.
d996a18ccf6aeaf710400d44518247e46de43b267d135f9213bec807dc59597dThe recent commit #9c4440 introduces two vulnerabilities to libcontainer that can be exploited by an attacker with partial control over the bind mount sources of a new container.
ed408918fa162c1e37fcd4ed27b9ab361935aa46728e7fcbca4f23d94f8f25d3Ubuntu Security Notice 5171-1 - It was discovered that Long Range ZIP incorrectly handled certain specially crafted lrz files. A remote attacker could possibly use this issue to cause a denial of service or other unspecified impact.
1b281c62103ad0ebb4c59cde1db74c39efcb0a0ee83254a74c84aa845d08f9b6RedTeam Pentesting discovered a vulnerability in the web-based management interface of the Auerswald COMpact 5500R PBX which allows low-privileged users to access passwords of administrative user accounts. Affected versions include 8.0B and below.
dac326b33fff7e529507312696bf7c1980ce40578237f9caf02f0b838930f9b6RedTeam Pentesting discovered a vulnerability in the web-based configuration management interface of the Auerswald COMfortel 1400 and 2600 IP desktop phones. The vulnerability allows accessing configuration data and settings in the web-based management interface without authentication. Versions 2.8F and below are affected.
a81f22dfd946e817d23fb35f271231f89fc1fa3368c9f66e528ef931719ac208Croogo version 3.0.2 suffers from an authenticated remote code execution vulnerability.
69cb24321500a1eabe06fb8e754fc1e37bd8231ca7df47261d555d176c75139fMicrosoft Internet Explorer suffers from an active-x related bypass vulnerability. Microsoft will not address the issue as it is end of life.
fa22daaea0233f0b687f938d605627bbae7fbc5bb28632e8d17422cd0cf0af81Ubuntu Security Notice 5174-1 - Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.
25c5c900f4302b24fc3b0236ad0320fa6c9153a96b6a27157cc077591a889f60HCL Lotus Notes version 12 suffers from an unquoted service path vulnerability.
99ce7892a35c2e78ef98e09c6e41eff711220ed3ae9d0076949b8089ed762381Simple Online Men's Salon Management System version 1.0 appears to suffer from a time-based remote SQL injection vulnerability.
9fff9dfef2b3a73b60aa0858435f45c8c289e00895835e9fac2e77d52181be64
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed