CVE-2016-6534

Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations.

Domain Whitelisting With Alexa and Umbrella Lists – update, (Sun, Apr 9th)

I was asked if I could share the files of my last diary entry: You can find the files on my site here. And to teach you how to fish :-), here are the commands I used to produce these lists: csv-cut.py -s t 1 emd.txt My csv tools can be found on my My assumption …

Domain Whitelisting With Alexa and Umbrella Lists – update, (Sun, Apr 9th)

I was asked if I could share the files of my last diary entry: Domain Whitelisting With Alexa and Umbrella Lists. You can find the files on my site here. And to teach you how to fish :-), here are the commands I used to produce these lists: csv-cut.py -s t 1 emd.txt blacklist.txt csv-lookup.py …

CVE-2017-7599

LibTIFF 4.0.7 has an “outside the range of representable values of type short” undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

CVE-2017-7595

The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

CVE-2017-7596

LibTIFF 4.0.7 has an “outside the range of representable values of type float” undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

CVE-2017-7600

LibTIFF 4.0.7 has an “outside the range of representable values of type unsigned char” undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.

CVE-2017-7603

au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file.

CVE-2017-7598

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.