Sophos Web Protection Appliance sblistpack Arbitrary Command Execution
19 September 2013
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 18.104.22.168 and 3.8 before 22.214.171.124 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to end-user/index.php.
CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Posted on 28 January 2015. | Researchers found a critical vulnerability in the Linux GNU C Library (glibc), that allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials.
Posted on 23 January 2015. | The DMARC specification has emerged in the last couple years to pull together all the threads of email authentication technology under one roof—to standardize the method in which email is authenticated, and the manner in which reporting and policy enforcement is implemented.