There is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Service Area List message (IEI = 0x27).
Open Web Analytics (OWA) versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes.
http://naya.go.th/q.txt notified by rizky07
Tags: defacementhttp://www.haec03.doae.go.th/news_file/Mloki.htm notified by Mloki
Tags: defacementhttp://www.royalagro.doae.go.th/knowledge/Mloki.htm notified by Mloki
Tags: defacementhttp://www.edoae.doae.go.th/wp_person/Mloki.htm notified by Mloki
Tags: defacementhttp://www.aopdt09.doae.go.th/wordpress_site18/Mloki.htm notified by Mloki
Tags: defacementhttp://www.ppsf.doae.go.th/wordpress/Mloki.htm notified by Mloki
Tags: defacementThere is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), specifically when handling the Service Area List message (IEI = 0x27).