MegaPing Buffer Overflow / Denial Of Service
MegaPing suffers from buffer overflow and denial of service vulnerabilities.
Link: https://packetstormsecurity.com/files/150829/megaping-dos.txt
Nsauditor 3.0.28.0 Buffer Overflow
Nsauditor version 3.0.28.0 local SEH buffer overflow exploit.
Link: https://packetstormsecurity.com/files/150830/nsauditor30280-overflow.txt
AnyBurn 4.3 Buffer Overflow / Denial Of Service
AnyBurn version 4.3 suffers from buffer overflow and denial of service vulnerabilities.
Link: https://packetstormsecurity.com/files/150827/anyburn43-dos.txt
Exel Password Recovery 8.2.0.0 Buffer Overflow / Denial Of Service
Exel Password Recovery version 8.2.0.0 suffers from buffer overflow and denial of service vulnerabilities.
Link: https://packetstormsecurity.com/files/150828/exelpr8200-dos.txt
SDL Web Content Manager 8.5.0 XML Injection
SDL Web Content Manager version 8.5.0 suffers from an XML external entity injection vulnerability.
Link: https://packetstormsecurity.com/files/150826/sdlwcm850-xxe.txt
Microsoft Windows jscript!JsArrayFunctionHeapSort Out-Of-Bounds Write
There is an out-of-bounds write vulnerability in jscript.dll in the JsArrayFunctionHeapSort function. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local network.
Link: https://packetstormsecurity.com/files/150831/GS20181219043841.txt
Red Hat Security Advisory 2018-3852-01
Red Hat Security Advisory 2018-3852-01 – IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP25. Issues addressed include a denial of service vulnerability.
Link: https://packetstormsecurity.com/files/150824/RHSA-2018-3852-01.txt
VMware Security Advisory 2018-0031
VMware Security Advisory 2018-0031 – vRealize Operations updates address a local privilege escalation vulnerability.
Link: https://packetstormsecurity.com/files/150825/VMSA-2018-0031.txt
How to Locate & Exploit Devices Vulnerable to the Libssh Security Flaw
Computers all over the world rely on a program called “libssh" to use the SSH communications protocol, which allows trusted users to log in and administer computers remotely. Due to a flaw in libssh, fooling a computer into granting SSH access is as easy as telling it you already have permission. The vulnerability can lead to an attacker gaining complete control over a device.
What SSH Is & Why We Have a Big Problem
Computers underpin many of the essential systems in our society, and these systems need to be periodically accessed and updated. For network admins and other IT professionals… more
