Some months ago a serious vulnerability on EXIM has been disclosed (CVE-2017-16943), and in the last hours Meh Chang (from devco.re) discovered a buffer overflow that allows remote command execution on this MTA.
Cisco released security updates to address a critical security vulnerability in Cisco ASA software.
In this great speech on BlackHat Europe 2017, Mark Ermolov and Maxim Goryachy by Positive Technology talks about the Intel Management Engine subsystem and how the recently discovered vulnerabilities can be used in order to compromise a system.
Metasploit Framework is a priceless open-source a tool for developing and executing exploit code against a remote target machine.
Two vulnerabilities and an exploit POC impacting the Exim MTA have been publicly disclosed, identified as CVE-2017-16943 & CVE-2017-16944 The vulnerabilities could allow remote attackers to execute arbitrary code or cause a denial of service via vectors involving BDAT commands.
A fresh advisory from SAMBA.org: All versions of Samba from 4.0.0 onwards are vulnerable to a use after free vulnerability, where a malicious SMB1 request can be used to control the contents of heap memory via a deallocated heap pointer. It is possible this may be used to compromise the SMB server. The major Linux…