Hosein Askari

**Name of the Vulnerable Software and Affected Versions** Poppler versions prior to 0.63 **Description** The issue is caused by an out of bounds read due to incorrect memory access. This can lead to memory corruption and denial of service. It may be exploitable when a victim opens a specially crafted PDF file, as demonstrated by pdfunite. **Recommendations** For Poppler versions prior to 0.63, update to version 0.63 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: MikroTik version 6.41.4 Description: A vulnerability could allow an unauthenticated remote attacker to exhaust all available CPU and RAM by sending a crafted FTP request on port 21 that begins with many '0' characters. This prevents the affected router from accepting new FTP connections, causing it to reboot after 10 minutes and log a "router was rebooted without proper shutdown" message. Recommendations: For MikroTik version 6.41.4, consider restricting access to port 21 to minimize the risk of exploitation. As a temporary workaround, limit the use of FTP connections until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tcpreplay version 3.4.4 **Description** The issue is related to a Heap-Based Buffer Overflow vulnerability. This vulnerability is triggered by a crafted PCAP file. **Recommendations** For Tcpreplay version 3.4.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNOME gedit versions prior to 3.22.1 **Description** The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by providing a file that starts with many '0' characters. **Recommendations** For versions prior to 3.22.1, update to version 3.22.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MikroTik version 6.38.5 **Description** A vulnerability could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500, which is used for L2TP over IPsec. This prevents the affected router from accepting new connections, causing all devices to be disconnected from the router and all logs to be removed automatically. **Recommendations** For MikroTik version 6.38.5, consider restricting access to port 500 to minimize the risk of exploitation. As a temporary workaround, limiting the number of incoming UDP packets on this port may help mitigate the issue until a patch is available.

**Name of the Vulnerable Software and Affected Versions** DMitry version 1.3a **Description** A stack-based buffer overflow in DMitry allows attackers to cause a denial of service or possibly have other unspecified impact via a long argument. An example threat model is the automated execution of DMitry with hostname strings found in local log files. **Recommendations** For version 1.3a, consider restricting the length of arguments passed to DMitry to prevent the buffer overflow, or avoid using DMitry with untrusted input until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BackBox Linux version 4.6 **Description** The issue allows remote attackers to cause a denial of service, specifically ksoftirqd CPU consumption, via a flood of packets with Martian source IP addresses, as defined in RFC 1812 section 5.3.7. This product enables net.ipv4.conf.all.log martians by default. However, the vendor reports that this vulnerability has no foundation and is totally fake and based on false assumptions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MikroTik Router hAP Lite version 6.25 **Description** The issue allows remote attackers to cause a denial of service by sending many unsolicited TCP ACK packets, resulting in high CPU consumption. After the attack stops, the CPU usage remains at 100%, and the router requires a reboot to resume normal operation. **Recommendations** For version 6.25, consider restricting access to the network to minimize the risk of exploitation until a patch is available. As a temporary workaround, monitor CPU usage and be prepared to reboot the router in case of an attack. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** SanaCMS version 7.3 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `search` parameter in the index.asp file. **Recommendations** For version 7.3, update the index.asp file to properly sanitize the `search` parameter to prevent arbitrary web script or HTML injection. As a temporary workaround, consider restricting access to the index.asp file until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 3.x **Description** The TCP stack in the Linux kernel does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets. This issue can be exploited by sending specially crafted SYN packets, leading to CPU consumption. **Recommendations** For Linux kernel version 3.x, consider implementing a workaround to limit the impact of SYN packet attacks, such as configuring the system to drop SYN packets after a certain threshold. At the moment, there is no information about a newer version that contains a fix for this vulnerability.