点赞数:0 漏洞类别:Information gathering 漏洞等级: 漏洞信息 Apache Struts is a framework for building web applications. This QID looks for Struts files and reports the version. NOTE: This detection requires tomcat authentication record. 漏洞危害 解决方案 0day
漏洞类别:CGI 漏洞等级: 漏洞信息 Apache ActiveMQ is an open source message broker written in Java together with a full Java Message Service (JMS) client. The admin interface of Apache ActiveMQ is accessible using default credentials - admin:admin. QID Detection Logic: This…
漏洞类别:General remote services 漏洞等级: 漏洞信息 A SNMP GetBulk request performs multiple GetNext requests and returns the result in a single response. This request can be masqueraded by malicious attackers to launch a SNMP GetBulk flood against a targeted server. QID …
据全球被黑站点统计系统(蚁巢)分析 2017年4月被植入后门总数量如下: 全球区域: 542377 中国区域: 106673 政府机构: 11888 学校机构: 16496 据全球被黑站点统计系统(官网)统计: 2017年4月份全球网站共有891位数据分析师提交被黑页面。 TOP 15 TOP 名称 数量 1 画地为牢 3728 2 由衷热爱 3328 3 仙人跳 2855 4 kele 2405 5 星爷 1988 6 bgeteam 1973 7 AnonymousFox 1243 8 Tobitow 1236…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Sending SIGKILL to other processes with root privileges via su: A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with roo…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe ColdFusion is an application for developing Web sites. Adobe has released security hotfixes for ColdFusion versions 10, 11 and the 2016 release. These hotfixes resolve an input validation issue that could be used in reflected XSS (c…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 The host is running Ubuntu 12.04. Support for Ubuntu 12.04 ended on April 28, 2017. No further updates, including security updates, are available for Ubuntu 12.04. 漏洞危害 The system is at high risk of being exposed to security vul…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for tcpdump, libpcap to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that QEMU incorrectly handled the Virtio GPU device. It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. It was discovered that QEMU incorrectly handled VirtFS directory sharing. It was discovered th…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Samba incorrectly handled symlinks. 漏洞危害 An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. 解决方案 Refer to Ubuntu advisory USN-3267-1 for affecte…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 A race condition existed in the Stream Control Transmission Protocol (SCTP) implementation in the Linux kernel. 漏洞危害 A local attacker could use this to cause a denial of service (system crash). 解决方案 Refer to Ubuntu advisory USN-3266-1 fo…
CVE
CVE-2017-5669 Notification for Linux Ubuntu Linux的安全,gke AWS raspi2 Linux,Linux,Linux的Snapdragon Vulnerabilities(USN-3265
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. An out-of-bounds access in the IPv6 Generic Routing Encapsulation (GRE) tunneling implementation in the Linux kernel. It was…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a race condition existed in the Stream Control Transmission Protocol (SCTP) implementation in the Linux kernel. 漏洞危害 A local attacker could use this to cause a denial of service (system crash). 解决方案 Refer to Ubuntu…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a heap-based buffer overflow existed in the FreeType library. 漏洞危害 If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service,…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that curl incorrectly handled client certificates when resuming a TLS session. 漏洞危害 A remote attacker could use this to hijack a previously authenticated connection. 解决方案 Refer to Ubuntu advisory USN-3262-1 for affected…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that QEMU incorrectly handled the Virtio GPU device. It was discovered that QEMU incorrectly handled the 6300esb watchdog. It was discovered that QEMU incorrectly handled the i.MX Fast Ethernet Controller. It was discov…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple security issues were discovered in Firefox. A flaw was discovered in the DRBG number generation in NSS. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read u…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the resolver in Bind made incorrect assumptions about ordering when processing responses containing a CNAME or DNAME. It was discovered that in some situations, Bind did not properly handle DNS64 queries. It was di…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for mysql-5.5 to fix the vulnerabilities. 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Refer to Debian secur…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for weechat to fix the vulnerabilities. 漏洞危害 Sucessful exploitation of the vulnerability may allow denial of service attacks. 解决方案 Refer to Debian security advisory DSA 3836-1 to address this issue and…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for python-django to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change par…
漏洞类别:Fedora漏洞等级: 漏洞信息 Fedora has released security update for pcre2 to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fedor…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for icu to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fedora…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for pcre to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fedor…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for libdwarf to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…