Attritionorg

**Name of the Vulnerable Software and Affected Versions** Boa version 0.94.13 **Description** The issue is related to configuration errors in files such as `backup.html`, `preview.html`, `js/log.js`, `log.html`, `email.html`, `online-users.html`, and `config.js` of the Boa HTTP server. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information. It is noted that this might be a site-specific issue because the mentioned files are not part of the standard Boa distribution. **Recommendations** For Boa version 0.94.13, consider removing or restricting access to the files `backup.html`, `preview.html`, `js/log.js`, `log.html`, `email.html`, `online-users.html`, and `config.js` to prevent potential exploitation. Ensure proper configuration to avoid exposing sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: HyperHQ Hyper version 1.0.0 runV version 1.0.0 Description: The issue is related to memory leaks in the `container setup modules` and `hyper rescan scsi` functions in `container.c`. This problem is associated with the use of runV 1.0.0 for Docker. Recommendations: For HyperHQ Hyper version 1.0.0, consider disabling the `container setup modules` and `hyper rescan scsi` functions in `container.c` as a temporary workaround until a patch is available. For runV version 1.0.0, restrict the use of the affected functions to minimize the risk of exploitation.