VARIoT IoT vulnerabilities database

D-LinkDIR615/645/815 is a wireless router product from D-Link. A remote command execution vulnerability exists in D-Link DIR615/645/815 Router 1.03 and previous firmware versions. The vulnerability is caused by the splicing of the data in the HTTP POST request in service.cgi, causing the background commands to be spliced, resulting in arbitrary commands.

A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system. Brocade Fabric OS (FOS) Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. BrocadeFibreChannelSANproducts are Brocade switches and BrocadeFabricOS (FOS) is an embedded system running on them. Security vulnerabilities exist in BrocadeFibreChannelSAN products prior to BrocadeFOS7.4.2b, pre-8.1.2, and pre-8.0.6 IPv6 stacks. Broadcom Fabric OS is prone to a remote denial-of-service vulnerability. Exploiting this issue allows remote attackers to cause a denial-of-service condition due to excessive CPU consumption. Versions prior to Broadcom Fabric OS 7.4.2b, 8.1.2 and 8.2.0 are vulnerable

Stack-based buffer overflow in the ej_update_variables function in router/httpd/web.c on ASUS routers (when using software from https://github.com/RMerl/asuswrt-merlin) allows web authenticated attackers to execute code via a request that updates a setting. In ej_update_variables, the length of the variable action_script is not checked, as long as it includes a "_wan_if" substring. ASUS The router contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ASUSrouters is a wireless router product from ASUS. A buffer overflow vulnerability exists in the \342\200\230ej_update_variables\342\200\231 function of the router/httpd/web.c file in the ASUS router. An attacker could exploit the vulnerability to execute code by sending a request to update settings

A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high CPU utilization on the targeted device. The vulnerability is due to insufficient rate limiting protection for IPv6 ingress traffic. An attacker could exploit this vulnerability by sending the affected device a high rate of IPv6 packets. Successful exploitation could allow the attacker to cause a DoS condition due to CPU and resource constraints. Cisco Bug IDs: CSCuv34544. Cisco UCS Central The software is vulnerable to resource exhaustion. Vendors have confirmed this vulnerability Bug ID CSCuv34544 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Attackers can exploit this issue to cause the affected device to consume excessive CPU resources, denying service to legitimate users

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected host operating system. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. To exploit this vulnerability, the attacker would need to authenticate to the affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93332. Cisco StarOS The operating system includes OS A command injection vulnerability exists. Vendors have confirmed this vulnerability Bug ID CSCvf93332 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Cisco ASR5000 Seriesrouters is a 5000 series secure router device from Cisco. The Cisco StarOS operating system is a set of virtualized operating systems running on it

MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server. MASTER IPCAMERA01 The device contains an access control vulnerability.Information may be tampered with. MASTERIPCAMERA01 is an IP network camera product. A configuration error vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. An attacker could exploit this vulnerability to change the configuration. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities # Date: 17-01-2018 # Remote: Yes # Exploit Authors: Daniele Linguaglossa, Raffaele Sabato # Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89 # Vendor: Master IP CAM # Version: 3.3.4.2103 # CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726 I DESCRIPTION ======================================================================== The Master IP CAM 01 suffers of multiple vulnerabilities: # [CVE-2018-5723] Hardcoded Password for Root Account # [CVE-2018-5724] Unauthenticated Configuration Download and Upload # [CVE-2018-5725] Unauthenticated Configuration Change # [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure II PROOF OF CONCEPT ======================================================================== ## [CVE-2018-5723] Hardcoded Password for Root Account Is possible to access telnet with the hardcoded credential root:cat1029 ## [CVE-2018-5724] Unauthenticated Configuration Download and Upload Download: http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi Upload Form: ### Unauthenticated Configuration Upload <form name="form6" method="post" enctype="multipart/form-data" action="cgi-bin/hi3510/restore.cgi" > <input type="file" name="setting_file" > <input type="submit" value="restore" > </form> ## [CVE-2018-5725] Unauthenticated Configuration Change Change configuration: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080 List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf ## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure Retrieve sensitive information: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser III REFERENCES ======================================================================== http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf

MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account. MASTER IPCAMERA01 The device contains a vulnerability related to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An attacker could exploit this vulnerability to gain root privileges. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities # Date: 17-01-2018 # Remote: Yes # Exploit Authors: Daniele Linguaglossa, Raffaele Sabato # Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89 # Vendor: Master IP CAM # Version: 3.3.4.2103 # CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726 I DESCRIPTION ======================================================================== The Master IP CAM 01 suffers of multiple vulnerabilities: # [CVE-2018-5723] Hardcoded Password for Root Account # [CVE-2018-5724] Unauthenticated Configuration Download and Upload # [CVE-2018-5725] Unauthenticated Configuration Change # [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure II PROOF OF CONCEPT ======================================================================== ## [CVE-2018-5723] Hardcoded Password for Root Account Is possible to access telnet with the hardcoded credential root:cat1029 ## [CVE-2018-5724] Unauthenticated Configuration Download and Upload Download: http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi Upload Form: ### Unauthenticated Configuration Upload <form name="form6" method="post" enctype="multipart/form-data" action="cgi-bin/hi3510/restore.cgi" > <input type="file" name="setting_file" > <input type="submit" value="restore" > </form> ## [CVE-2018-5725] Unauthenticated Configuration Change Change configuration: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080 List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf ## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure Retrieve sensitive information: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser III REFERENCES ======================================================================== http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf

MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. MASTER IPCAMERA01 The device contains an information disclosure vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTERIPCAMERA01 is an IP network camera product. An information disclosure vulnerability exists in the MASTERIPCAMERA013.3.4.2103 release. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities # Date: 17-01-2018 # Remote: Yes # Exploit Authors: Daniele Linguaglossa, Raffaele Sabato # Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89 # Vendor: Master IP CAM # Version: 3.3.4.2103 # CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726 I DESCRIPTION ======================================================================== The Master IP CAM 01 suffers of multiple vulnerabilities: # [CVE-2018-5723] Hardcoded Password for Root Account # [CVE-2018-5724] Unauthenticated Configuration Download and Upload # [CVE-2018-5725] Unauthenticated Configuration Change # [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure II PROOF OF CONCEPT ======================================================================== ## [CVE-2018-5723] Hardcoded Password for Root Account Is possible to access telnet with the hardcoded credential root:cat1029 ## [CVE-2018-5724] Unauthenticated Configuration Download and Upload Download: http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi Upload Form: ### Unauthenticated Configuration Upload <form name="form6" method="post" enctype="multipart/form-data" action="cgi-bin/hi3510/restore.cgi" > <input type="file" name="setting_file" > <input type="submit" value="restore" > </form> ## [CVE-2018-5725] Unauthenticated Configuration Change Change configuration: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080 List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf ## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure Retrieve sensitive information: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser III REFERENCES ======================================================================== http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf

Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Difficult to exploit vulnerability allows low privileged attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Integrated Lights Out Manager (ILOM), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized access to critical data or complete access to all Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.0 Base Score 7.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N). The vulnerability can be exploited over the 'TLS' protocol

Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). Supported versions that are affected are 3.x and 4.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Integrated Lights Out Manager (ILOM). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Integrated Lights Out Manager (ILOM). CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). The vulnerability can be exploited over the 'TLS' protocol. Attackers can take advantage of this vulnerability to read, update, insert or delete data without authorization, causing denial of service and affecting data confidentiality, availability and integrity

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details. Cobham Sea Tel 121 The device contains an information disclosure vulnerability.Information may be obtained. CobhamSeaTel is a wireless communication terminal product from Cobham, UK. An information disclosure vulnerability exists in the CobhamSeaTel121build222701 release

ForceControl is the configuration software developed by Force Control Technology for the general monitoring configuration software market. As the basic platform software in industrial automation software, it can provide solutions for various industries. There is a code execution vulnerability in ForceControl. This vulnerability is due to the function assignment of the reserved structure parameters, which causes the execution of the wrong code and causes the program to crash. An attacker could use this vulnerability to cause arbitrary code execution

Yingwei Teng is a key high-tech enterprise of the National Torch Program. It relies on power electronics, automatic control and information technology. Its business covers industrial automation, new energy vehicles, network energy and rail transportation. There is a logic vulnerability in the VTDesigner, which is due to the Compare function failing to compare the project file label CTagGroup. An attacker could exploit the vulnerability to make the memory address anomalous, causing the program to refuse service

Zijinqiao monitoring configuration software is a general industrial configuration software developed by Zijinqiao Company in long-term scientific research and engineering practice. There is a memory out-of-bounds reading vulnerability in the Zijinqiao monitoring configuration software when opening a specific project. An attacker can use this vulnerability to cause information leakage or denial of service

MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi. MASTER IPCAMERA01 The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MASTER IPCAMERA01 is an IP network camera product. A security vulnerability exists in MASTER IPCAMERA01 version 3.3.4.2103. # Exploit Title: Master IP CAM 01 Multiple Vulnerabilities # Date: 17-01-2018 # Remote: Yes # Exploit Authors: Daniele Linguaglossa, Raffaele Sabato # Contact: https://twitter.com/dzonerzy, https://twitter.com/syrion89 # Vendor: Master IP CAM # Version: 3.3.4.2103 # CVE: CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726 I DESCRIPTION ======================================================================== The Master IP CAM 01 suffers of multiple vulnerabilities: # [CVE-2018-5723] Hardcoded Password for Root Account # [CVE-2018-5724] Unauthenticated Configuration Download and Upload # [CVE-2018-5725] Unauthenticated Configuration Change # [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure II PROOF OF CONCEPT ======================================================================== ## [CVE-2018-5723] Hardcoded Password for Root Account Is possible to access telnet with the hardcoded credential root:cat1029 ## [CVE-2018-5724] Unauthenticated Configuration Download and Upload Download: http://192.168.1.15/web/cgi-bin/hi3510/backup.cgi Upload Form: ### Unauthenticated Configuration Upload <form name="form6" method="post" enctype="multipart/form-data" action="cgi-bin/hi3510/restore.cgi" > <input type="file" name="setting_file" > <input type="submit" value="restore" > </form> ## [CVE-2018-5725] Unauthenticated Configuration Change Change configuration: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=sethttpport&-httport=8080 List of available commands here: http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf ## [CVE-2018-5726] Unauthenticated Sensitive Information Disclousure Retrieve sensitive information: http://192.168.1.15/web/cgi-bin/hi3510/param.cgi?cmd=getuser III REFERENCES ======================================================================== http://syrion.me/blog/master-ipcam/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5723 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5724 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5725 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5726 http://www.themadhermit.net/wp-content/uploads/2013/03/FI9821W-CGI-Commands.pdf

ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (router unreachable/unresponsive) via a flood of fragmented UDP packets. ZyXEL P-660HW The device contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The ZyXELP-660HW is a highly integrated router from ZyXEL Technology Inc. that is compatible with existing high-speed ADSL, ADSL2 and ADSL2+ interfaces on copper. A security vulnerability exists in the ZyXELP-660HW3 version

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1. BIND 9 Includes remote service disruption ( DoS ) Is possible, and there are vulnerabilities due to imperfect implementation. BIND 9 Has an error in the order of cleanup processing in iterative search. As a result, freed memory usage (use-after-free) by assertion failure Occurs, named May end abnormally.Service disruption by a remote third party (DoS) attack (named Stop ) May be done. ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. =========================================================================== Ubuntu Security Notice USN-3535-2 January 17, 2018 bind9 vulnerability =========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: Bind could be made to crash if it received specially crafted network traffic. This update provides the corresponding update for Ubuntu 12.04 ESM. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: bind9=C2=A01:9.8.1.dfsg.P1-4ubuntu0.24 In general, a standard system update will make all the necessary changes. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/bind-9.10.6_P1-i586-1_slack14.2.txz: Upgraded. For more information, see: https://kb.isc.org/article/AA-01542 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.11_P1-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.11_P1-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.11_P1-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.11_P1-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.11_P1-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.11_P1-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.11_P1-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.11_P1-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.11_P1-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.11_P1-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/bind-9.10.6_P1-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/bind-9.10.6_P1-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.11.2_P1-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.11.2_P1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: e80dd64171589e36710b7bbef0dc962f bind-9.9.11_P1-i486-1_slack13.0.txz Slackware x86_64 13.0 package: d482641f326a7543ac49b52b14066264 bind-9.9.11_P1-x86_64-1_slack13.0.txz Slackware 13.1 package: bcda49076768b83ba97d34ce33fa1149 bind-9.9.11_P1-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 67fff04baa5e780a4da0a369bb2387b3 bind-9.9.11_P1-x86_64-1_slack13.1.txz Slackware 13.37 package: e9da89b964b1ad8274e381f4fadc8932 bind-9.9.11_P1-i486-1_slack13.37.txz Slackware x86_64 13.37 package: 15cf2689ec701d49db3ac2402b1cfd8e bind-9.9.11_P1-x86_64-1_slack13.37.txz Slackware 14.0 package: cb697b092fc9f0ca0d34908d982704d3 bind-9.9.11_P1-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 7fc7c78eab670800e8050619e32a9f10 bind-9.9.11_P1-x86_64-1_slack14.0.txz Slackware 14.1 package: 112d11d4a5da750dc97e8e7b453b788c bind-9.9.11_P1-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 33b23dd33c5e8858bbaf01e021d948a1 bind-9.9.11_P1-x86_64-1_slack14.1.txz Slackware 14.2 package: 3e3789b5a4d08f09511648bd0241f09f bind-9.10.6_P1-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 3771a2d36a6e3d49979386c5258de1da bind-9.10.6_P1-x86_64-1_slack14.2.txz Slackware -current package: 339eaae45be15550afc28fb2d4cad9a9 n/bind-9.11.2_P1-i586-1.txz Slackware x86_64 -current package: ede731e198dd2858a82498e6613ca0a5 n/bind-9.11.2_P1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg bind-9.10.6_P1-i586-1_slack14.2.txz Then, restart the name server: # /etc/rc.d/rc.bind restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. 6) - i386, x86_64 3. 7.2) - noarch, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2018:0487-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0487 Issue date: 2018-03-12 CVE Names: CVE-2017-3145 ===================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.5) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.7) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Package List: Red Hat Enterprise Linux HPC Node EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.12.src.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7): x86_64: bind-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.13.src.rpm x86_64: bind-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-chroot-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-libs-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-libs-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-utils-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.8.src.rpm x86_64: bind-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-chroot-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-libs-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-libs-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-utils-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm Red Hat Enterprise Linux Server AUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.10.src.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.6): Source: bind-9.8.2-0.30.rc1.el6_6.10.src.rpm x86_64: bind-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-chroot-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-libs-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-utils-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 6.7): Source: bind-9.8.2-0.37.rc1.el6_7.12.src.rpm i386: bind-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.i686.rpm ppc64: bind-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm s390x: bind-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.s390x.rpm x86_64: bind-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-chroot-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-libs-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-utils-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.4): Source: bind-9.8.2-0.17.rc1.el6_4.13.src.rpm x86_64: bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-debuginfo-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-devel-9.8.2-0.17.rc1.el6_4.13.i686.rpm bind-devel-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm bind-sdb-9.8.2-0.17.rc1.el6_4.13.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.5): Source: bind-9.8.2-0.23.rc1.el6_5.8.src.rpm x86_64: bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-debuginfo-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-devel-9.8.2-0.23.rc1.el6_5.8.i686.rpm bind-devel-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm bind-sdb-9.8.2-0.23.rc1.el6_5.8.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.6): x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.6): x86_64: bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-debuginfo-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.i686.rpm bind-devel-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm bind-sdb-9.8.2-0.30.rc1.el6_6.10.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 6.7): i386: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.i686.rpm ppc64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.ppc.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.ppc64.rpm s390x: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.s390.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.s390x.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.s390x.rpm x86_64: bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-debuginfo-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.i686.rpm bind-devel-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm bind-sdb-9.8.2-0.37.rc1.el6_7.12.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-3145 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFapuHoXlSAg2UNWIIRApI5AJ9D6cQ9NxkCATQtDIoJ9SB0ekXKbwCgpOKO viuhqUpM6GkfDjqGPnp9n+E= =nWW0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - aarch64, ppc64le 3. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request

Intel AMT, the full name of INTEL Active Management Technology (Intel Active Management Technology), is essentially an embedded system integrated in the chipset, independent of the specific operating system. This technology allows administrators to remotely manage and repair networked computer systems, and the implementation process is completely transparent to the client. Intel AMT has high-risk security vulnerabilities. Attackers can use the Intel Management Engine BIOS extension (MEBx) default password \"admin\" to log in, gain full control of the system, steal data, and deploy malware on the device.

D-LinkDIR-629 and DIR-823 are both D-Link wireless router products. A remote stack overflow vulnerability exists in D-LinkDIR-629 and DIR-823. The vulnerability is due to the use of the sprintf() function in soap.cgi to stitch the HTTP_SOAPACTION field of the http request and store it on the stack, causing a buffer overflow.

KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations. KingView Contains an integer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. KingView is the first domestic company to launch industrial configuration software products. Asian Control Technology KingView has an integer overflow vulnerability. This vulnerability is due to stgopenstorage read failure, and the returned error code is beyond the scope of int on 32-bit systems. An attacker could use this vulnerability to execute arbitrary code