– new upstream version (52.0)
Monthly Archives: March 2017
Western Digital My Cloud Buffer Overflow
Western Digital My Cloud suffers from a buffer overflow vulnerability that allows for remote code execution.
SEC Consult SA-20170307-0 :: Unauthenticated OS command injection & arbitrary file upload in Western Digital WD My Cloud
Posted by SEC Consult Vulnerability Lab on Mar 07
SEC Consult Vulnerability Lab Security Advisory < 20170307-0 >
=======================================================================
title: Unauthenticated OS command injection & arbitrary file upload
product: Western Digital My Cloud
vulnerable version: at least: 2.21.126 (My Cloud), 2.11.157(My Cloud EX2),
2.21.126 (My Cloud EX2 Ultra), 2.11.157 (My Cloud EX4),…
Western Digital My Cloud vulnerable to Cross-Site Request Forgery vulnerability
Posted by Securify B.V. on Mar 07
————————————————————————
Western Digital My Cloud vulnerable to Cross-Site Request Forgery
vulnerability
————————————————————————
Remco Vermeulen, January 2017
————————————————————————
Abstract
————————————————————————
It was discovered that the Western…
Stack-based buffer overflow in Western Digital My Cloud allows for remote code execution
Posted by Securify B.V. on Mar 07
————————————————————————
Stack-based buffer overflow in Western Digital My Cloud allows for
remote code execution
————————————————————————
Remco Vermeulen, January 2017
————————————————————————
Abstract
————————————————————————
It was discovered that the…
Western Digital My Cloud vulnerable to multiple command injection vulnerabilities
Posted by Securify B.V. on Mar 07
————————————————————————
Western Digital My Cloud vulnerable to multiple command injection
vulnerabilities
————————————————————————
Remco Vermeulen, January 2017
————————————————————————
Abstract
————————————————————————
It was discovered that the Western…
Bull / IBM AIX Clusterwatch / Watchware File Write / Command Injection
Bull / IBM AIX Clusterwatch / Watchware suffers from having trivial admin credentials, system file writes, and OS command injection vulnerabilities.
Western Digital My Cloud Command Injection
Western Digital My Cloud suffers from multiple command injection vulnerabilities.
icoutils-0.31.2-1.el6
Security fix for CVE-2017-6009, CVE-2017-6010, CVE-2017-6011.
icoutils-0.31.2-1.fc26
Security fix for CVE-2017-6009, CVE-2017-6010, CVE-2017-6011.