Zoom Linux Client 2.0.106600.0904 Buffer Overflow

The binary /opt/zoom/ZoomLauncher is vulnerable to a buffer overflow because it concatenates an overly long user input to a stack variable without checking whether the destination buffer is long enough to hold the data. The binary also has important security features, such as the canary, turned off. The client registers a scheme handler (zoommtg://) and this makes […]

The post Zoom Linux Client 2.0.106600.0904 Buffer Overflow appeared first on MondoUnix.

Western Digital MyCloud multi_uploadify File Upload

This Metasploit module exploits a file upload vulnerability found in Western Digital’s MyCloud NAS web administration HTTP service. The /web/jquery/uploader/multi_uploadify.php PHP script provides multipart upload functionality that is accessible without authentication and can be used to place a file anywhere on the device’s file system. This allows an attacker to upload a PHP […]

The post Western Digital MyCloud multi_uploadify File Upload appeared first on MondoUnix.