A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.
Monthly Archives: March 2017
CVE-2017-6799 (mantisbt)
A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the ‘view_type’ parameter.
CVE-2017-6802
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
CVE-2017-6801
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
CVE-2017-6804 (wp_markdown_editor)
A Stored XSS Vulnerability exists in the WP Markdown Editor (aka wp-markdown-editor) plugin 2.0.3 for WordPress. An example attack vector is a crafted IMG element in Add New Post or Edit Post.
CVE-2017-6800
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
CVE-2017-6798
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
CVE-2017-6506
In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka “Service ready”) string.
Hardwear.io Call For Papers 2017 is open!
Posted by Yuliya Pliavaka on Mar 10
Dear Hackers and Security Gurus!
Greetings from hardwear.io Conference 2017!
We’re glad to announce that *hardwear.io <http://hardwear.io>* *2017 Call
For Papers* is now open! We are seeking innovative research on hardware
security. If you have done interesting research on attacks or mitigation on
any Hardware and want to showcase it to the security community, just submit
your research paper. Please find all the relevant details for the…
Multiple vulnerabilities discovered in dnaLIMS DNA sequencing web-application
Posted by Nicholas von Pechmann on Mar 10
Title: Multiple vulnerabilities discovered in dnaLIMS DNA sequencing
web-application
Advisory URL:
https://www.shorebreaksecurity.com/blog/product-security-advisory-psa0002-dnalims/
Date published: Mar 08, 2017
Vendor: dnaTools, Inc.
CVE IDs: [2017-6526, 2017-6527, 2017-6528, 2017-6529]
USCERT VU: 929263
Vulnerability Summaries
1) Improperly protected web shell [CVE-2017-6526]
dnaLIMS requires authentication to view cgi-bin/dna/sysAdmin.cgi,…