MikroTik RouterOS is prone to a security-bypass vulnerability because the software fails to sufficiently sanitize SNMP requests. Successfully exploiting this issue allows attackers to write to and change certain aspects of the Network Management System (NMS). This may aid in further attacks. Versions up to and including RouterOS 3.13 and 2.9.51 are vulnerable.
Category Archives: Checkpoint
ISC BIND DNAME Response Processing Denial of Service (CVE-2016-8864)
A denial-of-service vulnerability has been reported in ISC BIND. The vulnerability is due to a flaw in processing recursive DNAME responses that can cause the target resolver to crash. A remote, unauthenticated attacker could exploit this vulnerability against DNS servers that perform recursive queries by providing responses with a crafted DNAME answer. Successful exploitation could lead to a denial of service.
Joomla Suspicious File Upload
Multiple vulnerabilities exist in Joomla, allowing a remote attacker to upload a malicious file. Successful exploitation could result in the execution of arbitrary code in the security context of the web server.
WordPress Answer My Question Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress Answer My Question Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
SugarCRM REST Unserialize PHP Code Execution
A PHP code execution vulnerability exists in SugarCRM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
WordPress Symposium Plugin SQL Injection (CVE-2015-6522)
An SQL injection vulnerability exists in the WordPress Symposium Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
FreePBX Framework remotemod Parameter Remote Command Execution
A remote command execution vulnerability exists in FreePBX. The vulnerability is due to a lack of sanitization of the ‘remotemod’ parameter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands in the security context of the affected service.
OpenSSL tls_get_message_body Function init_msg Structure Use After Free (CVE-2016-6309)
A use-after-free vulnerability has been reported in the tls_get_message_body function of OpenSSL. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted message to the vulnerable server. Successful exploitation allows the attacker to execute arbitrary code on the system.
HPE Network Automation RPCServlet Insecure Deserialization (CVE-2016-8511)
An insecure deserialization vulnerability has been reported in the RPCServlet of HPE Network Automation. The vulnerability is due to the deserialization of untrusted data. A remote attacker can exploit this vulnerability by sending a request with crafted serialized data to the exposed RPCServlet. Successful exploitation would result in the execution of arbitrary code under the context of the process.
Adobe Flash Player Buffer Overflow (APSB16-39: CVE-2016-7869; CVE-2016-7869)
A buffer overflow vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file.