David Maciejak

Researcher at FortiGuard Labs
#3130 of 53,638
81 total CVSS
Vulnerabilities · 12
Medium
7
High
4
Critical
1
PT-2017-3654
10
2017-12-23
Asus · Asus Gt-Ac5300 · CVE-2018-9285
Name of the Vulnerable Software and Affected Versions: ASUS RT-AC66U versions prior to 3.0.0.4.384 10007; ASUS RT-AC68U versions prior to 3.0.0.4.384 10007; ASUS RT-AC86U versions prior to 3.0.0.4.384 10007; ASUS RT-AC88U versions prior to 3.0.0.4.384 10007; ASUS RT-AC1900 versions prior to 3.0.0.4.384 10007; ASUS RT-AC2900 versions prior to 3.0.0.4.384 10007; ASUS RT-AC3100 versions prior to 3.0.0.4.384 10007; ASUS RT-N18U versions prior to 3.0.0.4.382.39935; ASUS RT-AC87U versions prior to 3.0.0.4.382.50010; ASUS RT-AC3200 versions prior to 3.0.0.4.382.50010; ASUS RT-AC5300 versions prior to 3.0.0.4.384.20287.

Description: The issue allows for OS command injection via the `pingCNT` and `destIP` fields of the `SystemCmd` variable in the `Main_Analysis_Content.asp` page of the `/apply.cgi` component. This can be exploited by sending HTTP requests, enabling a remote attacker to execute arbitrary commands.

Recommendations: For ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices, update to version 3.0.0.4.384 10007 or later. For RT-N18U devices, update to version 3.0.0.4.382.39935 or later. For RT-AC87U and RT-AC3200 devices, update to version 3.0.0.4.382.50010 or later. For RT-AC5300 devices, update to version 3.0.0.4.384.20287 or later. As a temporary workaround, consider restricting access to the `Main_Analysis_Content.asp` page and the `SystemCmd` variable to minimize the risk of exploitation.
PT-2009-6669
10
1970-01-01
Debian · Linux · CVE-2009-0748
**Name of the Vulnerable Software and Affected Versions** linux-image-2.6.26-1-486 linux-image-2.6.26-1-parisc-smp linux-image-2.6.26-1-alpha-smp linux-headers-2.6.26-1-486 linux-image-2.6.26-1-iop32x linux-headers-2.6.26-1-common-vserver linux-headers-2.6.26-1-s390x linux-image-2.6.26-1-xen-amd64 linux-image-2.6.26-1-r5k-ip32 linux-image-2.6.26-1-5kc-malta linux-headers-2.6.26-1-parisc64-smp linux-image-2.6.26-1-vserver-686 linux-image-2.6.26-1-vserver-powerpc64 linux-image-2.6.26-1-vserver-itanium linux-image-2.6.26-1-alpha-generic linux-headers-2.6.26-1-powerpc linux-image-2.6.26-1-r4k-ip22 linux-headers-2.6.26-1-alpha-generic linux-image-2.6.26-1-vserver-mckinley linux-image-2.6.26-1-vserver-amd64 linux-headers-2.6.26-1-r5k-ip32 linux-headers-2.6.26-1-vserver-itanium linux-image-2.6.26-1-powerpc linux-headers-2.6.26-1-itanium linux-image-2.6.26-1-sb1-bcm91250a linux-image-2.6.26-1-mckinley linux-headers-2.6.26-1-all-ia64 linux-headers-2.6.26-1-vserver-mckinley linux-headers-2.6.26-1-all-i386 linux-image-2.6.26-1-vserver-686-bigmem linux-headers-2.6.26-1-all-powerpc linux-image-2.6.26-1-sparc64-smp linux-image-2.6.26-1-versatile linux-image-2.6.26-1-vserver-sparc64 linux-headers-2.6.26-1-vserver-686-bigmem linux-headers-2.6.26-1-all-hppa linux-image-2.6.26-1-parisc64-smp linux-headers-2.6.26-1-all-arm linux-image-2.6.26-1-s390-tape linux-image-2.6.26-1-amd64 linux-headers-2.6.26-1-vserver-amd64 linux-headers-2.6.26-1-686-bigmem linux-headers-2.6.26-1-all-mipsel linux-headers-2.6.26-1-xen-amd64 linux-headers-2.6.26-1-4kc-malta linux-headers-2.6.26-1-amd64 linux-headers-2.6.26-1-parisc-smp linux-headers-2.6.26-1-vserver-s390x linux-headers-2.6.26-1-footbridge linux-headers-2.6.26-1-iop32x linux-image-2.6.26-1-686 linux-support-2.6.26-1 linux-headers-2.6.26-1-xen-686 linux-image-2.6.26-1-powerpc-smp linux-headers-2.6.26-1-all-amd64 linux-modules-2.6.26-1-xen-amd64 linux-headers-2.6.26-1-parisc linux-image-2.6.26-1-sb1a-bcm91480b linux-image-2.6.26-1-r5k-cobalt 
linux-headers-2.6.26-1-vserver-sparc64 linux-headers-2.6.26-1-common-openvz linux-headers-2.6.26-1-openvz-amd64 linux-image-2.6.26-1-alpha-legacy linux-image-2.6.26-1-openvz-686 linux-headers-2.6.26-1-s390 linux-headers-2.6.26-1-vserver-powerpc linux-image-2.6.26-1-vserver-s390x linux-image-2.6.26-1-xen-686 linux-headers-2.6.26-1-versatile linux-headers-2.6.26-1-vserver-powerpc64 linux-headers-2.6.26-1-common linux-image-2.6.26-1-footbridge linux-image-2.6.26-1-parisc64 linux-headers-2.6.26-1-alpha-legacy linux-image-2.6.26-1-686-bigmem linux-headers-2.6.26-1-all-alpha linux-headers-2.6.26-1-r4k-ip22 linux-headers-2.6.26-1-all-armel linux-headers-2.6.26-1-sb1a-bcm91480b linux-headers-2.6.26-1-common-xen linux-image-2.6.26-1-s390x linux-headers-2.6.26-1-mckinley linux-image-2.6.26-1-parisc linux-headers-2.6.26-1-orion5x linux-headers-2.6.26-1-openvz-686 linux-headers-2.6.26-1-vserver-686 linux-image-2.6.26-1-sparc64 linux-headers-2.6.26-1-powerpc64 linux-image-2.6.26-1-itanium linux-image-2.6.26-1-orion5x linux-headers-2.6.26-1-ixp4xx linux-headers-2.6.26-1-all-sparc linux-image-2.6.26-1-openvz-amd64 linux-image-2.6.26-1-ixp4xx linux-headers-2.6.26-1-parisc64 linux-headers-2.6.26-1-powerpc-smp linux-headers-2.6.26-1-all-s390 linux-headers-2.6.26-1-5kc-malta linux-image-2.6.26-1-powerpc64 linux-modules-2.6.26-1-xen-686 linux-headers-2.6.26-1-sb1-bcm91250a linux-headers-2.6.26-1-686 linux-image-2.6.26-1-4kc-malta linux-image-2.6.26-1-s390 linux-headers-2.6.26-1-all-mips

**Description** The issue affects multiple packages of the Debian GNU/Linux operating system, including various linux-image and linux-headers packages. Exploitation of these vulnerabilities can lead to a breach of confidentiality, integrity, and availability of protected information. The vulnerabilities can be exploited remotely.

**Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2009-6668
10
1970-01-01
Debian · Linux · CVE-2009-0747
**Name of the Vulnerable Software and Affected Versions** linux-image-2.6.26-1-parisc-smp version 2.6.26-1 linux-image-2.6.26-1-486 version 2.6.26-1 linux-image-2.6.26-1-alpha-smp version 2.6.26-1 linux-headers-2.6.26-1-486 version 2.6.26-1 linux-image-2.6.26-1-iop32x version 2.6.26-1 linux-headers-2.6.26-1-common-vserver version 2.6.26-1 linux-headers-2.6.26-1-s390x version 2.6.26-1 linux-headers-2.6.26-1-all version 2.6.26-1 linux-headers-2.6.26-1-sparc64-smp version 2.6.26-1 linux-headers-2.6.26-1-alpha-smp version 2.6.26-1 linux-image-2.6.26-1-vserver-powerpc version 2.6.26-1 linux-headers-2.6.26-1-sparc64 version 2.6.26-1 linux-headers-2.6.26-1-r5k-cobalt version 2.6.26-1 linux-image-2.6.26-1-xen-amd64 version 2.6.26-1 linux-image-2.6.26-1-r5k-ip32 version 2.6.26-1 linux-headers-2.6.26-1-parisc64-smp version 2.6.26-1 linux-image-2.6.26-1-vserver-686 version 2.6.26-1 linux-image-2.6.26-1-vserver-powerpc64 version 2.6.26-1 linux-image-2.6.26-1-vserver-itanium version 2.6.26-1 linux-headers-2.6.26-1-powerpc version 2.6.26-1 linux-image-2.6.26-1-alpha-generic version 2.6.26-1 linux-image-2.6.26-1-r4k-ip22 version 2.6.26-1 linux-headers-2.6.26-1-alpha-generic version 2.6.26-1 linux-image-2.6.26-1-vserver-mckinley version 2.6.26-1 linux-image-2.6.26-1-vserver-amd64 version 2.6.26-1 linux-headers-2.6.26-1-r5k-ip32 version 2.6.26-1 linux-image-2.6.26-1-powerpc version 2.6.26-1 linux-headers-2.6.26-1-vserver-itanium version 2.6.26-1 linux-headers-2.6.26-1-itanium version 2.6.26-1 linux-image-2.6.26-1-sb1-bcm91250a version 2.6.26-1 linux-headers-2.6.26-1-all-i386 version 2.6.26-1 linux-headers-2.6.26-1-vserver-mckinley version 2.6.26-1 linux-image-2.6.26-1-vserver-686-bigmem version 2.6.26-1 linux-headers-2.6.26-1-all-ia64 version 2.6.26-1 linux-headers-2.6.26-1-all-powerpc version 2.6.26-1 linux-image-2.6.26-1-mckinley version 2.6.26-1 linux-image-2.6.26-1-sparc64-smp version 2.6.26-1 linux-image-2.6.26-1-versatile version 2.6.26-1 linux-image-2.6.26-1-vserver-sparc64 
version 2.6.26-1 linux-headers-2.6.26-1-vserver-686-bigmem version 2.6.26-1 linux-headers-2.6.26-1-all-hppa version 2.6.26-1 linux-image-2.6.26-1-parisc64-smp version 2.6.26-1 linux-headers-2.6.26-1-all-arm version 2.6.26-1 linux-image-2.6.26-1-s390-tape version 2.6.26-1 linux-headers-2.6.26-1-686-bigmem version 2.6.26-1 linux-headers-2.6.26-1-vserver-amd64 version 2.6.26-1 linux-image-2.6.26-1-amd64 version 2.6.26-1 linux-headers-2.6.26-1-all-mipsel version 2.6.26-1 linux-headers-2.6.26-1-xen-amd64 version 2.6.26-1 linux-headers-2.6.26-1-4kc-malta version 2.6.26-1 linux-headers-2.6.26-1-footbridge version 2.6.26-1 linux-headers-2.6.26-1-amd64 version 2.6.26-1 linux-headers-2.6.26-1-vserver-s390x version 2.6.26-1 linux-headers-2.6.26-1-parisc-smp version 2.6.26-1 linux-headers-2.6.26-1-iop32x version 2.6.26-1 linux-image-2.6.26-1-686 version 2.6.26-1 linux-support-2.6.26-1 version 2.6.26-1 linux-headers-2.6.26-1-xen-686 version 2.6.26-1 linux-image-2.6.26-1-powerpc-smp version 2.6.26-1 linux-headers-2.6.26-1-all-amd64 version 2.6.26-1 linux-headers-2.6.26-1-parisc version 2.6.26-1 linux-modules-2.6.26-1-xen-amd64 version 2.6.26-1 linux-image-2.6.26-1-sb1a-bcm91480b version 2.6.26-1 linux-image-2.6.26-1-r5k-cobalt version 2.6.26-1 linux-headers-2.6.26-1-vserver-sparc64 version 2.6.26-1 linux-headers-2.6.26-1-common-openvz version 2.6.26-1 linux-headers-2.6.26-1-openvz-amd64 version 2.6.26-1 linux-image-2.6.26-1-alpha-legacy version 2.6.26-1 linux-image-2.6.26-1-openvz-686 version 2.6.26-1 linux-headers-2.6.26-1-vserver-powerpc version 2.6.26-1 linux-headers-2.6.26-1-s390 version 2.6.26-1 linux-image-2.6.26-1-vserver-s390x version 2.6.26-1 linux-image-2.6.26-1-xen-686 version 2.6.26-1 linux-headers-2.6.26-1-versatile version 2.6.26-1 linux-headers-2.6.26-1-vserver-powerpc64 version 2.6.26-1 linux-headers-2.6.26-1-common version 2.6.26-1 linux-image-2.6.26-1-footbridge version 2.6.26-1 linux-image-2.6.26-1-parisc64 version 2.6.26-1 linux-headers-2.6.26-1-alpha-legacy 
version 2.6.26-1 linux-image-2.6.26-1-686-bigmem version 2.6.26-1 linux-headers-2.6.26-1-all-alpha version 2.6.26-1 linux-headers-2.6.26-1-all-armel version 2.6.26-1 linux-headers-2.6.26-1-r4k-ip22 version 2.6.26-1 linux-headers-2.6.26-1-sb1a-bcm91480b version 2.6.26-1 linux-headers-2.6.26-1-common-xen version 2.6.26-1 linux-image-2.6.26-1-s390x version 2.6.26-1 linux-headers-2.6.26-1-mckinley version 2.6.26-1 linux-image-2.6.26-1-parisc version 2.6.26-1 linux-headers-2.6.26-1-orion5x version 2.6.26-1 linux-headers-2.6.26-1-openvz-686 version 2.6.26-1 linux-headers-2.6.26-1-vserver-686 version 2.6.26-1 linux-image-2.6.26-1-sparc64 version 2.6.26-1 linux-headers-2.6.26-1-powerpc64 version 2.6.26-1 linux-image-2.6.26-1-itanium version 2.6.26-1 linux-image-2.6.26-1-orion5x version 2.6.26-1 linux-headers-2.6.26-1-all-sparc version 2.6.26-1 linux-image-2.6.26-1-openvz-amd64 version 2.6.26-1 linux-headers-2.6.26-1-ixp4xx version 2.6.26-1 linux-image-2.6.26-1-ixp4xx version 2.6.26-1 linux-headers-2.6.26-1-parisc64 version 2.6.26-1 linux-headers-2.6.26-1-powerpc-smp version 2.6.26-1 linux-headers-2.6.26-1-all-s390 version 2.6.26-1 linux-headers-2.6.26-1-5kc-malta version 2.6.26-1 linux-image-2.6.26-1-powerpc64 version 2.6.26-1 linux-modules-2.6.26-1-xen-686 version 2.6.26-1 linux-headers-2.6.26-1-sb1-bcm91250a version 2.6.26-1 linux-image-2.6.26-1-4kc-malta version 2.6.26-1 linux-image-2.6.26-1-s390 version 2.6.26-1 linux-headers-2.6.26-1-686 version 2.6.26-1 linux-headers-2.6.26-1-all-mips version 2.6.26-1

**Description** The issue affects the Linux kernel, allowing local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem. The `ext4_isize` function in `fs/ext4/ext4.h` uses the `i_size_high` structure member during operations on arbitrary types of files.

Multiple vulnerabilities have been identified in various packages of the Debian GNU/Linux operating system, including linux-image and linux-headers, which can lead to a violation of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely.

**Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.