Monthly Archive: August 2018

In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. Date published : 2018-08-17 Dojo 1.14 released https://github.com/dojo/dojox/pull/283

A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification. Date published : 2018-08-17 https://github.com/mspaling/sentinel-ddos-signature/blob/master/sentinel-ddos-signature.txt https://support.radware.com/app/answers/answer_view/a_id/17879/~/security-advisory-sentinel-reflection-ddos

A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and prior (fixed in 1.9.3.602) allows an attacker to take control of the whitelisting feature (MyRules2.ini under %LOCALAPPDATA%ZemanaZALSDK) to permit execution of...

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT application intents. The LG ID is LVE-SMP-180006. Date published : 2018-08-17 https://lgsecurity.lge.com/security_updates.html https://www.kryptowire.com/portal/android-firmware-defcon-2018/

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c,...

An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests...

An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on...

An issue was discovered in Xen through 4.11.x. ARM never properly implemented grant table v2, either in the hypervisor or in Linux. Unfortunately, an ARM guest can still request v2 grant tables; they will...

An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the...

An attacker without authentication can login with default credentials for privileged users in Eltex ESP-200 firmware version 1.2.0. Date published : 2018-08-17 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-016-eltex-esp-200-router-default-password-usage/

An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0. Date published : 2018-08-17 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-015-eltex-esp-200-router-unsecure-sudo-configuration/

An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0. Date published : 2018-08-17 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-014-eltex-esp-200-router-build-in-user-with-highest-privileges/

An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0. Date published : 2018-08-17 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-013-eltex-esp-200-router-information-disclosure/

An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0. Date published : 2018-08-17 https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-012-eltex-esp-200-router-command-injection/