Skip to content

Joomfish System Plugin not enabled Home Early Warning System Issues
Issues
SMBLoris Flaw in Server Message Block (SMB) Protocol
Tuesday, 01 August 2017 14:40

A flaw called SMBLoris was reported in the Server Message Block (SMB) protocol. An attacker who initiates a large amount of connections to the service will be able to deplete the memory and CPU resources of the targeted machine on a Denial of Service (DoS) attack. No solution was available at the time of this entry.The recommendation is to use a packet filter, like a Firewall, to limit the number of connections from a same source to the Windows servers on port 445 (SMB).

 
Lepide LepideAuditor Suite Remote Code Execution Vulnerability
Tuesday, 27 June 2017 10:05

A vulnerability was discovered in Lepide LepideAuditor Suite. An unauthenticated, remote attacker may be able to execute arbitrary code on vulnerable installations of Lepide LepideAuditor Suite. The genratereports.php fail to properly validate a user-supplied command prior to using it in system calls. The more general flaw is that the software trusts responses from a server that is specified by a user and can be induced to execute commands from that server. No solution was available at the time of this entry.

 
ZoneMinder Cross Site Scripting Vulnerability (CVE-2016-10203)
Monday, 29 May 2017 11:49

A cross-site scripting vulnerability was reported in ZoneMinder 1.30 and prior versions. An attacker may be able to execute arbitrary script code in the browser in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. No solution was available at the time of this entry.

 
Trend Micro Threat Discovery Appliance Authentication Bypass Vulnerability (CVE-2016-8584)
Tuesday, 09 May 2017 10:42

A vulnerability was reported in Trend Micro Threat Discovery Appliance 2.6.1062r1 and prior versions. An attacker may be able to bypass the authentication mechanism and perform unauthorized actions. No solution was available at the time of this entry.

 
Zabbix Proxy Server SQL Database Write Vulnerability
Tuesday, 02 May 2017 17:19

A security-bypass vulnerability was reported in Zabbix. An attacker may be able to bypass certain security restrictions and perform unauthorized actions by conducting a man-in-the-middle attack or obtain sensitive information.No solution was available at the time of this entry.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 4 of 142
[YOUR IP: 3.227.254.12: 45284] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...