Monthly Archive: July 2020

In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c. Date published : 2020-07-01 https://github.com/ntop/nDPI/commit/23594f036536468072198a57c59b6e9d63caf6ce

In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c. Date published : 2020-07-01 https://github.com/ntop/nDPI/commit/8e7b1ea7a136cc4e4aa9880072ec2d69900a825e

In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short. Date published : 2020-07-01 https://github.com/ntop/nDPI/commit/b7e666e465f138ae48ab81976726e67deed12701

In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c. Date published : 2020-07-01 https://github.com/ntop/nDPI/commit/61066fb106efa6d3d95b67e47b662de208b2b622

ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c. Date published : 2020-07-01 https://github.com/rockcarry/ffjpeg/issues/26

In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced. Date published : 2020-07-01 https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-04.html https://www.openwall.com/lists/oss-security/2020/07/01/1

Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common...

Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary...

Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding. Date published : 2020-07-01 https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20191211-01_Monsta_FTP_Stored_XSS https://www.monstaftp.com/notes/

php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution. Date published : 2020-07-01 https://locutus.io/php/ https://reallinkers.github.io/CVE-2020-13619/

openSIS through 7.4 allows Directory Traversal. Date published : 2020-07-01 http://packetstormsecurity.com/files/158256/openSIS-7.4-Local-File-Inclusion.html http://packetstormsecurity.com/files/158331/openSIS-7.4-Unauthenticated-PHP-Code-Execution.html

openSIS through 7.4 has Incorrect Access Control. Date published : 2020-07-01 http://packetstormsecurity.com/files/158255/openSIS-7.4-Incorrect-Access-Control.html http://packetstormsecurity.com/files/158331/openSIS-7.4-Unauthenticated-PHP-Code-Execution.html

openSIS through 7.4 allows SQL Injection. Date published : 2020-07-01 http://packetstormsecurity.com/files/158331/openSIS-7.4-Unauthenticated-PHP-Code-Execution.html https://github.com/OS4ED/openSIS-Responsive-Design/commits/master

openSIS before 7.4 allows SQL Injection. Date published : 2020-07-01 https://github.com/OS4ED/openSIS-Responsive-Design/commit/1127ae0bb7c3a2883febeabc6b71ad8d73510de8 https://packetstormsecurity.com/files/158257/openSIS-7.4-SQL-Injection.html