» 2018 » 2월

CVE-2017-5781

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-5781

A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 was found.

Source: CVE-2017-5781

CVE-2017-12538

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-12538

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.

Source: CVE-2017-12538

CVE-2017-12553

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-12553

A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

Source: CVE-2017-12553

CVE-2017-12552

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-12552

A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

Source: CVE-2017-12552

CVE-2017-12555

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-12555

A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (SOM) version IMC SOM 7.3 E0501 was found.

Source: CVE-2017-12555

CVE-2017-12554

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-12554

A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT iMC Plat 7.3 E0504P2 and earlier was found.

Source: CVE-2017-12554

CVE-2017-12557

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-12557

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.

Source: CVE-2017-12557

CVE-2017-12551

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2017-12551

A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

Source: CVE-2017-12551

CVE-2018-7169

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2018-7169

An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.

Source: CVE-2018-7169

CVE-2018-7054

Posted on 2018년 2월 16일2018년 2월 16일 by admin

CVE-2018-7054

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits.

Source: CVE-2018-7054