CVE-2018-1000116 2018-03-28
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
GPAC MP4Box version 0.7.1 and earlier contains a buffer overflow vulnerability in src/isomedia/avc_ext.c, lines 2417 to 2420, that can result in heap chunks being modified; this could lead to RCE. This attack appears to be exploitable via an attacker-supplied MP4 file that, when run by the victim, may result in RCE.
An improper input validation vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to access plugin resource files in the META-INF and WEB-INF directories that should not be accessible, if the Jenkins home directory is on a case-insensitive file system.
An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable, and it appears that Python 2.7.17 and prior may also be vulnerable; however, this has not been confirmed. The vulnerability occurs when multiple threads are handling large amounts of data. In both cases there is essentially a race condition. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread 1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free: Thread 3 -> malloc -> Thread 1 -> frees -> Thread 2 re-uses the freed memory. The PSRT has stated that this is not a security vulnerability because the attacker must be able to run code; however, in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, and as such the DWF feels this issue deserves a CVE.
ARM mbedTLS, development branch and versions 2.7.0 and earlier, contains a CWE-670 vulnerability (incorrect condition control flow leading to an incorrect return and data loss) in ssl_write_real(), library/ssl_tls.c:7142, that can result in data loss and can be escalated to DoS and authorization bypass in application protocols. This attack appears to be exploitable via network connectivity.
Sensu, Inc. Sensu Core versions before 1.2.0 and before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contain a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) being logged in clear text. Victims whose configuration matches a specific pattern will observe sensitive data output in their service log files. This vulnerability appears to have been fixed in 1.2.1 and later, after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b.
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in the Valid Form unserialize method that can make it possible to execute unauthorised system commands remotely and to disclose the contents of files in the file system.
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross-Site Request Forgery (CSRF) vulnerability in Theme Uninstallation that can result in LimeSurvey admins deleting all their themes, rendering the website unusable. This attack appears to be exploitable because simple HTML markup can be used to send a GET request to the affected endpoint.
fmtlib versions prior to 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contain a memory corruption (SIGSEGV), CWE-134 vulnerability in the fmt::print() library function that can result in denial of service. Specifying an invalid format specifier in the fmt::print() function results in a SIGSEGV (memory corruption, invalid write). This vulnerability appears to have been fixed after commit 8cf30aa2be256eba07bb1cefb998c52326e846e7.
Sean Barrett stb_vorbis version 1.12 and earlier contains a buffer overflow vulnerability in all Vorbis decoding paths that can result in memory corruption, denial of service, and compromised execution of the host program. To be exploited, the victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.
nanopool Claymore Dual Miner version 7.3 and earlier contains a Remote Code Execution vulnerability in its API that can result in RCE by abusing the remote manager API. To be exploitable, the victim must run the miner with read/write mode enabled.