Vulnerability Updates

National Cyber Awareness System's Weekly Bulletins For The Month

RSS CERT Vulnerability Notes

RSS National Vulnerability Database

  • CVE-2018-5706 2018-01-16
    An issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can modify teams to give themselves Administer System permissions even if they didn't have them, as demonstrated by use of the RoleEdit or TeamEdit permission.
  • CVE-2018-5703 2018-01-16
    The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.
  • CVE-2018-5704 2018-01-16
    Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site.
  • CVE-2018-5709 2018-01-16
    An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we […]
  • CVE-2018-5710 2018-01-16
    An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote authenticated users to cause a denial of service (NULL pointer dereference) via a modified kadmin client.

RSS SecurityFocus Vulnerabilities List

RSS Symantec Vulnerabilities List

RSS Packet Storm’s Apple Vulnerability List

  • Apple Security Advisory 2018-1-8-3 2018-01-09
    Apple Security Advisory 2018-1-8-3 - Safari 11.0.2 is now available and addresses security issues relating to Spectre.
  • Apple Security Advisory 2018-1-8-2 2018-01-09
    Apple Security Advisory 2018-1-8-2 - macOS High Sierra 10.13.2 Supplemental Update includes security improvements to Safari and WebKit to mitigate the effects of Spectre.
  • Apple Security Advisory 2018-1-8-1 2018-01-09
    Apple Security Advisory 2018-1-8-1 - iOS 11.2.2 is now available and addresses Spectre issues with Safari and WebKit.
  • Apple Security Advisory 2017-12-13-6 2017-12-16
    Apple Security Advisory 2017-12-13-6 - iOS 11.2 addresses issues relating to interception, memory corruption, and more. This advisory provides additional information for APPLE-SA-2017-12-6-2.
  • Apple Security Advisory 2017-12-13-4 2017-12-16
    Apple Security Advisory 2017-12-13-4 - iTunes 12.7.2 for Windows is now available and addresses code execution and privacy issues.

RSS Packet Storm’s Windows Vulnerability List

  • Kaseya VSA R9.2 Arbitrary File Read 2018-01-15
    A security vulnerability was found in the Kaseya VSA file download functionality. Using this vulnerability, an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server (including source code of Kaseya, the database backups, configuration files, and even Windows files). Version R9.2 was found affected.
  • Windows Kernel Exploitation Tutorial Part 5: NULL Pointer Dereference 2018-01-12
    Whitepaper called Windows Kernel Exploitation Tutorial Part 5: NULL Pointer Dereference.
  • Wireshark Analyzer 2.4.4 2018-01-12
    Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
  • ALLMediaServer 0.95 Stack Buffer Overflow 2018-01-12
    ALLMediaServer version 0.95 stack buffer overflow exploit with DEP bypass on Windows 7 x64.
  • Microsoft Windows SMB Server Mount Point Privilege Escalation 2018-01-11
    On Microsoft Windows, the SMB server drivers (srv.sys and srv2.sys) do not check the destination of an NTFS mount point when manually handling a reparse operation. This makes it possible to locally open an arbitrary device via an SMB client, which can result in privilege escalation.