Monthly Archives: February 2017

NVD

CVE-2016-10208

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.

Hackers News

Windows SMB Zero-Day Exploit Released in the Wild after Microsoft delayed the Patch

Last weekend a security researcher publically disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months.

The zero-day memory corruption flaw resides in the implementation of the SMB (server message block) network file sharing protocol that could allow a remote, unauthenticated attacker to crash systems with

NVD

CVE-2016-10098

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command Injection vulnerabilities allow attackers to execute arbitrary system commands.

NVD

CVE-2017-5137

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective.

NVD

CVE-2017-5136

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. The application failed to check the access control of the request which could result in an attacker being able to shutdown the system.

Hackers News

Anonymous Hacker took down over 10,000 Dark Web Sites; Leaked User Database

Dark Web is right now going through a very rough time.

Just two days ago, a hacker group affiliated with Anonymous broke into the servers of Freedom Hosting II and took down more than 10,000 Tor-based .onion dark websites with an alarming announcement to its visitors, which said:

“Hello, Freedom Hosting II, you have been hacked.”

Freedom Hosting II is the single largest host of underground