On October 31, 2016 (local time), Cisco Talos published three integer overflow vulnerabilities with the Memcached server on its official website http://www.talosintelligence.com. 阅读全文 “NSFOCUS Security Advisory Memcached Multiple Integer Overflow Vulnerabilities” »
OpenSSH contains a memory exhaustion issue during key exchange. An unauthenticated client can increase the memory allocated to each connection on the server to 384 MB, by repeating the KEXINIT process. An attacker can exploit this vulnerability by initiating multiple connections, to exhaust memory resources of the server and therefore lead to a denial of service.
As shown in Figure 1, there are two folders. The loader folder, as its name implies, is a loader that creates servers and monitors the status of connections.
Internet Systems Consortium (ISC) officially released a security advisory to announce a vulnerability (CVE-2016-2776) and its fixing. The vulnerability exists in buffer.c. When constructing a response packet for a specially crafted query request, BIND will encounter an assertion failure, causing the program to crash and therefore a denial of service.
On September 12, 2016, legalhackers.com released a security advisory concerning a 0-day vulnerability that is assigned CVE-2016-6662. This vulnerability allows attackers to remotely inject malicious settings into a MySQL configuration file (my.cnf), leading to critical consequences. It affects MySQL servers in default configuration in all version branches (5.7, 5.6, and 5.5), including the latest versions. MySQL clones like MariaDB and PerconaDB are also affected. 阅读全文 “MySQL Remote Code Execution/Privilege Escalation Vulnerability Technical Analysis and Solution” »
On September 22, 2016, OpenSSL released an update advisory for three branch products to fix multiple vulnerabilities. The versions after update are 1.1.0a, 1.0.2i, and 1.0.1u. However, the security update introduced new vulnerabilities: 1.1.0a introduced CVE-2016-6309, and 1.0.2i introduced CVE-2016-7052.
On April 24, 2016, Fernando from the NULL-LIFE team submits the local heap overflow vulnerability in bcmath.c to the PHP website. For details, visit the following link.