-
CVE-2018-5732 dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server
CVE ID CVE-2018-5732 DESCRIPTION An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running on DHCP client machines via a crafted DHCP response packet. CVSS3 Base Score 7.5 RESOLUTION Apply…
-
CVE-2017-1000379: kernel: PIE binary stack mapping
CVE ID CVE-2017-1000379 DESCRIPTION The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected. RESOLUTION Resolved in…
-
CVE-2017-12477: Unitrends bpserverd authentication bypass RCE
CVE ID CVE-2017-12477 DESCRIPTION It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target system. Complexity: High RESOLUTION…
-
CVE-2017-8779 rpcbind: memory leak when failing to parse XDR strings/arrays
CVE ID CVE-2017-8779 DESCRIPTION It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM…
-
CVE-2016-9540 libtiff: cpStripToTile heap-buffer-overflow
CVE ID CVE-2016-9540 DESCRIPTION tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow." CVSS3 Base Score 7 Related CVEs: CVE-2016-9537, CVE-2016-9536, CVE-2016-9535, CVE-2016-9534, CVE-2016-9533…
-
[False Positive] ESET Antivirus detects Unitrends PDF email reports as a phishing attack
ISSUE ESET Antivirus detects Unitrends PDF email reports as a phishing attack. RESOLUTION This is a false positive report. Unitrends is working with ESET to resolve this alert. CAUSE Some PDF reports generated by the Unitrends system present logo images housed within the Unitrends website. These logo images have recently…
-
Security: False Positives from Qualsys scan engine
SUMMARY The Qualsys security software reports more false positives than other software, so typical responses are included. DESCRIPTION Sample Scan Results using Qualsys scan engine against a Unitrends system are shown below. The Qualsys scan engine includes a list of 'potential' vulnerabilities (issues that might be…
-
CVE-2018-10675 kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy
CVE ID CVE-2018-10675 DESCRIPTION The do_get_mempolicy() function in mm/mempolicy.c in the Linux kernel allows local users to hit a use-after-free bug via crafted system calls and thus cause a denial of service (DoS) or possibly have unspecified other impact. Due to the nature of the flaw, privilege escalation cannot be…
-
How to apply Unitrends security updates
DESCRIPTION See Unitrends Response to certain security vulnerabilities (CVEs) - Reference Article for reference information on various security vulnerabilities which have been addressed, and some common false positives which may occur during some common security scans. RESOLUTION As of release 10.3.1, all Security Updates…
-
CVE-2013-6438 httpd: mod_dav denial of service via crafted DAV WRITE request
CVE ID CVE-2013-6438 DESCRIPTION The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request. Unitrends…