Author Archives: CERT

Overview
pppd (Point to Point Protocol Daemon) versions 2.4.2 through 2.4.8 are vulnerable to buffer overflow due to a flaw in Extensible Authentication Protocol (EAP) packet processing in eap_request and eap_response subroutines.
Description
PPP is … Continue reading VU#782301: pppd vulnerable to buffer overflow due to a flaw in EAP packet processing→

CWE-78:Improper Neutralization of Special Elements used in an OS Command(‘OS Command Injection’) Multiple ZyXEL devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that… Continue reading VU#498544: ZyXEL pre-authentication command injection in weblogin.cgi→

IBM ServeRAID Manager includes an embedded instance of Java version 1.4.2. Both ServeRAID Manager and Java 1.4.2 are no longer supported. ServeRAID Manager uses a Java Remote Method Invocation(RMI)on port 34571/tcp that listens on all interfaces by def… Continue reading VU#597809: IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service→

CVE-2020-3110 Cisco’s Video Surveillance 8000 Series IP cameras with CDP enabled are vulnerable to a heap overflow in the parsing of DeviceID type-length-value(TLV). The CVSS score reflected below is in regards to this vulnerability. CVE-2020-3111 Cisc… Continue reading VU#261385: Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution→

OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol(SMTP)that is part of the OpenBSD Project. OpenSMTPD’s smtp_mailaddr()function is responsible for validating sender and recipient mail addresses. If the local pa… Continue reading VU#390745: OpenSMTPD vulnerable to local privilege escalation and remote code execution→

Microsoft Internet Explorer contains a scripting engine,which handles execution of scripting languages such as VBScript and JScript. The scripting engine JScript component contains an unspecified memory corruption vulnerability. Any application that su… Continue reading VU#338824: Microsoft Internet Explorer Scripting Engine memory corruption vulnerability→

The Microsoft Windows CryptoAPI,which is provided by Crypt32.dll,fails to validate ECC certificates in a way that properly leverages the protections that ECC cryptography should provide. As a result,an attacker may be able to craft a certificate that a… Continue reading VU#849224: Microsoft Windows CryptoAPI fails to properly validate ECC certificate chains→

CDNs use HTTP caching software to provide high availability and high performance by distributing the service spatially relative to end-users. The HTTP caching software interprets the HTTP request from a website visitor(web client)using the supplied HTT… Continue reading VU#335217: Multiple caching service providers are vulnerable to HTTP cache poisoning→

Microsoft Windows Remote Desktop Gateway(RD Gateway)is a Windows Server component that provides access to Remote Desktop services without requiring the client system to be present on the same network as the target system. Originally launched as Termina… Continue reading VU#491944: Microsoft Windows Remote Desktop Gateway allows for unauthenticated remote code execution→

Citrix has published a security bulletin that mentions a vulnerability that can be exploited to achieve arbitrary code execution by a remote,unauthenticated attacker. Although the bulletin does not describe details about the vulnerability,the mitigatio… Continue reading VU#619785: Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP web server vulnerability→