Category archives: Linux

 

 

 

0

NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow

The NETGEAR WNR2000 router has a buffer overflow vulnerability in the hidden_lang_avi parameter. In order to exploit it, it is necessary to guess the value of a certain timestamp which is in the configuration of the router. An authenticated attacker can simply fetch this from a page, but an unauthenticated attacker has to brute force […]

The post NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow appeared first on MondoUnix.

 

 

 

 

0

Logsign Remote Command Injection

This Metasploit module exploits an command injection vulnerability in Logsign. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the root user. Logsign has a publicly accessible endpoint. That endpoint takes a user input and then use it during operating system command execution without proper validation. This Metasploit module was tested against 4.4.2 […]

The post Logsign Remote Command Injection appeared first on MondoUnix.

 

 

 

0

Red Hat Security Advisory 2017-0834-01

Red Hat Security Advisory 2017-0834-01 – The eap7-jboss-ec2-eap package provides scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.5. Source: Red Hat Security Advisory 2017-0834-01

The post Red Hat Security Advisory 2017-0834-01 appeared first on MondoUnix.

 

0

Red Hat Security Advisory 2017-0831-01

Red Hat Security Advisory 2017-0831-01 – Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are […]

The post Red Hat Security Advisory 2017-0831-01 appeared first on MondoUnix.