Vulnerability Updates
National Cyber Awareness System's Weekly Bulletins For The Month
- VU#794544: Heap-Based Buffer Overflow in Sudo:
Overview
A heap-based overflow has been discovered in sudo, which may allow a local attacker to execute commands with elevated administrator privileges.
Description
From …
- VU#240785: Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs:
Overview
Atlassian Bitbucket on Windows fails to properly set ACLs, which can allow an unprivileged Windows user to run arbitrary code with SYSTEM …
- VU#815128: Embedded TCP/IP stacks have memory corruption vulnerabilities:
Overview
Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory …
- VU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning:
Overview
Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker …
- VU#466044: Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths:
Overview
Siemens Totally Integrated Administrator (TIA) fails to properly set the module search path to be used by a privileged Node.js component, which can allow an unprivileged Windows …
National Vulnerability Database
- CVE-2021-20203: An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC …
- CVE-2021-3406: A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations.
- CVE-2021-20327: A specific version of the Node.js mongodb-client-encryption module does not perform correct validation of the KMS server’s certificate. This vulnerability in combination with a …
- CVE-2021-20328: Specific versions of the Java driver that support client-side field level encryption (CSFLE) fail to perform correct host name verification on the KMS server’s certificate. This …
- CVE-2020-27543: The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught …
Packet Storm’s Apple Vulnerability List
- Apple Security Advisory 2021-02-09-1: Apple Security Advisory 2021-02-09-1 – macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 address code execution and out of bounds …
- Apple CoreText libType1Scaler.dylib Out-Of-Bounds Write / Integer Overflow: Apple CoreText libType1Scaler.dylib suffers from a heap out-of-bounds-write due to an integer overflow vulnerability in STOREWV othersubr.
- Apple CoreText libFontParser.dylib Stack Corruption: Apple CoreText libFontParser.dylib suffers from a stack corruption vulnerability in the handling of /BlendDesignPositions Type 1 objects.
- Apple CoreText libType1Scaler.dylib Buffer Overflow: Apple CoreText libType1Scaler.dylib suffers from a heap buffer overflow vulnerability in the Counter Control Hints.
- Apple CoreText libType1Scaler.dylib Memory Disclosure: Apple CoreText libType1Scaler.dylib suffers from a memory disclosure vulnerability via an uninitialized transient array.
Packet Storm’s Windows Vulnerability List
- Trojan.Win32.Gofot.htx Buffer Overflow: Trojan.Win32.Gofot.htx malware suffers from a buffer overflow vulnerability.
- Backdoor.Win32.Wollf.h Missing Authentication: Backdoor.Win32.Wollf.h malware suffers from a missing authentication vulnerability.
- Backdoor.Win32.Delf.adag Hardcoded Credentials / Traversal: Backdoor.Win32.Delf.adag malware suffers from hardcoded credential and traversal vulnerabilities.
- Backdoor.Win32.Agent.xw Denial Of Service / Null Pointer: Backdoor.Win32.Agent.xw malware suffers from denial of service and null pointer vulnerabilities.
- Backdoor.Win32.Agent.xs Insecure Permissions: Backdoor.Win32.Agent.xs malware suffers from an insecure permissions vulnerability.