CVE-2017-7679
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
Read MoreAuthor: Cyberthreat Blog
CVE-2017-3169
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
Read MoreSysinternals 6.03 is out. Bug fixes only, no new features https://blogs.technet.microsoft.com/sysinternals/2017/06/17/sysinternals-update-sysmon-v6-03/, (Mon, Jun 19th)
=============== Rob VandenBrink Metafore (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Read MoreAs Your Admin Walks Out the Door .., (Mon, Jun 19th)
One of our readers (thanks Gebhard) mailed us a link to an article on what the press is apparently now calling a Revenge Wipe – a system administrator who has left the organization, and as a last hurrah, deletes or locks...
Read MoreCVE-2017-1000373
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume...
Read More