Dnsmasq contains multiple vulnerabilities
Overview Dnsmasq versions 2.77 and earlier contain multiple vulnerabilities. Description Multiple vulnerabilities have been reported in dnsmasq. CWE-122: Heap-based Buffer Overflow - CVE-2017-14491 CWE-122: Heap-based Buffer Overflow - CVE-2017-14492 CWE-121: Stack-based Buffer Overflow -...
9.8CVSS
8.8AI Score
0.923EPSS
[SECURITY] Fedora 27 Update: ejabberd-17.01-5.fc27
ejabberd is a Free and Open Source distributed fault-tolerant Jabber/XMPP server. It is mostly written in Erlang, and runs on many platforms (tested on Linux, FreeBSD, NetBSD, Solaris, Mac OS X and Windows...
1.6AI Score
Lynis 2.5.5 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.9AI Score
ike-scan - Discover and fingerprint IKE hosts (IPsec VPN Servers)
Discover and fingerprint IKE hosts (IPsec VPN Servers). Building and Installing ike-scan uses the standard GNU autoconf and automake tools, so installation is the normal process: Run git clone https://github.com/royhills/ike-scan.git to obtain the project source code Run cd ike-scan to enter...
7.4AI Score
Nmap 7.60 - Free Security Scanner For Network Exploration & Security Audits
Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP...
7.5AI Score
Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency
Overview Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. Attackers with the ability to transmit messages from a routing domain router may send specially crafted OSPF messages to poison routing....
4.2CVSS
6.2AI Score
0.004EPSS
Cross-Site Request Forgery(CSRF)
Moodle is vulnerable to cross-site request forgery (CSRF) attacks. The attacks exist because it does not properly check session key validity on password-protected lesson modules, allowing the authenticated users to hijack the request sent to (1) mod/lesson/mediafile.php or (2)...
5.7AI Score
0.023EPSS
Lynis 2.5.2 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
7.1AI Score
Last month, Qualys security researchers found a vulnerability called “Stack Clash” in a variety of Unix-based systems. The vulnerability could allow an attacker on a UNIX system to gain root privileges and take over the attacked computer. The security researchers who discovered this flaw are currently working with.....
0.5AI Score
blkif responses leak backend stack data
ISSUE DESCRIPTION The block interface response structure has some discontiguous fields. Certain backends populate the structure fields of an otherwise uninitialized instance of this structure on their stacks, leaking data through the (internal or trailing) padding field. IMPACT A malicious...
6.5CVSS
1.4AI Score
0.001EPSS
A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered
Update: Find working Exploits and Proof-of-Concepts at the bottom of this article. Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to...
8.7AI Score
0.002EPSS
Visualizing the Stack Clash Vulnerability with Dashboards
Security teams should apply vendor patches immediately to protect their Linux, OpenBSD, NetBSD, FreeBSD and Solaris infrastructure from The Stack Clash vulnerability (also see the security advisory). To help in that effort, this blog post describes a new built-in Qualys AssetView dashboard to...
6.8AI Score
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled; this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier...
9.8CVSS
9.7AI Score
0.025EPSS
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled; this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier...
9.8CVSS
9.8AI Score
0.025EPSS
The NetBSD qsort() function is recursive and not randomized; an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...
9.8CVSS
9.7AI Score
0.006EPSS
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier...
9.8CVSS
9.6AI Score
0.002EPSS
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled; this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier...
9.8CVSS
9.7AI Score
0.025EPSS
The NetBSD qsort() function is recursive and not randomized; an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...
9.8CVSS
9.5AI Score
0.006EPSS
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier...
9.8CVSS
9.6AI Score
0.002EPSS
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier...
9.8CVSS
9.7AI Score
0.002EPSS
The NetBSD qsort() function is recursive and not randomized; an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...
9.8CVSS
9.6AI Score
0.006EPSS
The NetBSD qsort() function is recursive and not randomized; an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...
9.7AI Score
0.006EPSS
NetBSD maps the run-time link-editor ld.so directly below the stack region, even if ASLR is enabled; this allows attackers to more easily manipulate memory leading to arbitrary code execution. This affects NetBSD 7.1 and possibly earlier...
9.8AI Score
0.025EPSS
A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier...
9.8AI Score
0.002EPSS
What is the Stack Clash? The Stack Clash is a vulnerability in the memory management of several operating systems. It affects Linux, OpenBSD, NetBSD, FreeBSD and Solaris, on i386 and amd64. It can be exploited by attackers to corrupt memory and execute arbitrary code. Qualys researchers discovered....
0.4AI Score
0.002EPSS
Stack Clash Vulnerability in Linux, BSD Systems Enables Root Access
Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code as root. Major Linux and open source distributors have made patches available today, and systems running Linux, OpenBSD,...
0.7AI Score
0.002EPSS
Nmap, the Network Mapper, is a free and open source utility for network discovery and security auditing. Network Mapper was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for.....
-0.3AI Score
Hashcat v3.6.0 - World's Fastest and Most Advanced Password Recovery Utility
hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable.....
7.6AI Score
Lynis 2.5.0 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
7.8CVSS
7.5AI Score
0.0004EPSS
FreeBSD-SA-17:04.ipfilter Security Advisory The FreeBSD Project Topic: ipfilter(4) fragment handling panic Category: contrib Module: ipfilter Announced: 2017-04-27 Credits:....
7.5CVSS
-0.4AI Score
0.004EPSS
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source.....
9.8CVSS
9.3AI Score
0.007EPSS
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source.....
9.8CVSS
9.2AI Score
0.007EPSS
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source.....
9.8CVSS
8.7AI Score
0.007EPSS
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source.....
9.8CVSS
9.2AI Score
0.007EPSS
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source.....
9.3AI Score
0.007EPSS
dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program and does not offer a protection mechanism for blank-indented diff hunks, which allows remote attackers to conduct directory traversal attacks via a crafted Debian source package, as demonstrated by use of dpkg-source.....
9.8CVSS
4.9AI Score
0.007EPSS
Lynis 2.4.7 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
7.1AI Score
Lynis 2.4.4 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
7.1AI Score
Lynis 2.4.3 - Security Auditing Tool for Unix/Linux Systems
We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security...
6.9AI Score
OpenSSL is vulnerable to denial of service (DoS). A flaw in OpenSSL allows attackers to cause a double free through DTLS...
5.4AI Score
0.889EPSS
Denial Of Service (DoS) Through Memory Consumption
OpenSSL is vulnerable to denial of service (DoS) through memory consumption. This can be triggered through a DTLS handshake method which forces OpenSSL to process a large amount of data, exhausting the...
5.5AI Score
0.887EPSS
OpenSSL is vulnerable to information disclosure. When pretty printing through the OBJ_obj2txt function in crypto/objects/obj_dat.c, it is possible for attackers to read from the process stack memory. This is caused because OpenSSL does not ensure the presence of \0...
5.4AI Score
0.47EPSS
Denial Of Service (DoS) Through Memory Overwrite
OpenSSL is vulnerable to denial of service (DoS) attacks through memory overwrite and client application crash. If a multithreaded client connects to a malicious server using a resumed session, it is possible to trigger a race condition in the ssl_parse_serverhello_tlsext function which allows an.....
4.9AI Score
0.024EPSS
Denial Of Service (DoS) Through Null Pointer Dereference
OpenSSL is vulnerable to denial of service (DoS) attacks through a null pointer dereference. This can be triggered at remote DTLS servers by a handshake message where the ciphersuite is specified as a (1) anonymous DH or (2) anonymous ECDH...
5.6AI Score
0.016EPSS
OpenSSL is vulnerable to man in the middle (MitM) attacks. These attacks are possible through the ssl23_get_client_hello function in s23_srvr.c. It can be triggered by a ClientHello message fragment which forces OpenSSL to negotiate using the TLS 1.0 protocol instead of a higher, more secure...
5.1AI Score
0.007EPSS
OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible due to multiple buffer overflows in crypto/srp/srp_lib.c. The buffer overflows can be triggered by an invalid SRP g, A or B...
4.6AI Score
0.912EPSS
Denial Of Service (DoS) Through Memory Consumption
OpenSSL is vulnerable to denial of service (DoS) attacks. These attacks are possible because there is a memory leak in d1_srtp.c which allows remote attackers to consume all the memory through a handshake...
4.3AI Score
0.823EPSS