Mandriva Linux Security Advisory 2012-032 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Security researchers Blair Strang and Scott Bell of Security Assessment found that when a parent window spawns and closes a child window that uses the file open dialog, a crash can be induced in shlwapi.dll on 32-bit Windows 7 systems. This crash may be potentially exploitable. Firefox prevents the dropping of javascript: links onto a frame to prevent malicious sites from tricking users into performing a cross-site scripting attacks on themselves. Security researcher Soroush Dalili reported a way to bypass this protection. Various other issues were also addressed.
3cbc2c67f035fe9b1398b1120f8f0507ea8dbc4b9d3dce95d3e1907578dea5a9HP Security Bulletin HPSBOV02762 SSRT100825 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.
7aea36aed5246255765866fa3709a5b96e6e0350e5b8bf65bfd2aaf3d2eddf7eHP Security Bulletin HPSBOV02763 SSRT100826 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS running PHP. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, privilege escalation, unauthorized disclosure of information, or unauthorized modifications. Revision 1 of this advisory.
ed9a5902d9c99aabc1fc739a0ec49b2e95fcbd6c58b9ceb14b8f6abcfe7fb2bcAcuity CMS version 2.6.x suffers from a cross site scripting vulnerability.
cf8e68bb7f5cdf8335ff6391aa5a79026ba914c1dc4b86af412a5a98ed427b30Whitepaper called The Source Is A Lie. Backdoors have always been a concern of the security community. In recent years the idea of not trusting the developer has gained momentum and manifested itself in various forms of source code review. For Java, being one of the most popular programming languages, numerous tools and papers have been written to help during reviews. While these tools and techniques are getting developed further, they usually focus on traditional programming paradigms. Modern concepts like Aspect Oriented Programming or the Java Reflection API are left out. Especially the use of Java’s Reflection API in conjunction with the lesser known “string pool” can lead to a new kind of backdoor. This backdoor hides itself from unwary reviewer by disguising its access to critical resources like credential through indirection. To raise the awareness about this particular kind of backdoor, this paper will provide a short introduction to the string pool, show how reflection can be used to manipulate it, demonstrate how a backdoor can abuse this, and discuss how it can be uncovered.
2a07f7ba8590b6f096b40e0241279121aa6cb6cc3400db03bb9062a53afd7af0HP Security Bulletin HPSBMU02764 SSRT100827 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. Revision 1 of this advisory.
ef4dc6d5c693e4d1488186aa6471a0d6ae5ab0b725cd9a055f4101f928dcf379Idate.org suffers from a cross site scripting vulnerability.
ffd9dc660290b21f5d21aec5c2d8182c5b3a3ba1fffae433e873a6e73168133dRed Hat Security Advisory 2012-0488-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found in the way libtasn1 decoded DER data. An attacker could create a carefully-crafted X.509 certificate that, when parsed by an application that uses GnuTLS, could cause the application to crash.
51a71be200b7104a0b6c3eddd65b911675386eeaa8bb6ce75c2ab67983a394e8Red Hat Security Advisory 2012-0481-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Numerous reference count leaks were found in the Linux kernel's block layer I/O context handling implementation. This could allow a local, unprivileged user to cause a denial of service. A flaw was found in the Linux kernel's cifs_lookup() implementation. POSIX open during lookup should only be supported for regular files. When non-regular files pipe or other special files) are opened on lookup, it could cause a denial of service.
78cac8316e6792e90be570ad7b19b774306f7645a32558fb04f1fee0214daf09Red Hat Security Advisory 2012-0480-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw in the xfrm6_tunnel_rcv() function in the Linux kernel's IPv6 implementation could lead to a use-after-free or double free flaw in tunnel6_rcv(). A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the xfrm6_tunnel kernel module loaded, causing it to crash.
3a04db312322381195a59a5cee096f0b9b31fa909549ef0629b6a10ab7127860Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
b2f451a4f3f6ccd8ade3878e455b37407f86d2753a496b31fad9b6c4c0b95cdeSecunia Security Advisory - A vulnerability has been reported in OpenVMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
984402f6b31dbff27bc4422bbe0b44f6ea079f2526ab796b7131273a57f1c6ceSecunia Security Advisory - HP has issued an update for Secure Web Server in OpenVMS. This fixes multiple vulnerabilities, where one has unknown impacts and others can be exploited by malicious people to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.
307dd9aa2f41af7dd2481202fcdadb33b93f8881b9dfc3d8a32eb759cef20677Secunia Security Advisory - HP has issued an update for Secure Web Server in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service), by malicious users to manipulate certain data, and by malicious people to disclose certain system and sensitive information, bypass certain security restrictions, manipulate certain data, and cause a DoS (Denial of Service).
0077e7c08d4d4d3219da734a7f37ff2284a5e9319c4514f57df4b0140a70518fSecunia Security Advisory - Ryuzaki Lawlet has reported two vulnerabilities in the Yahoo Answer WordPress Auto Poster plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
63f09852c580985156a10efc301777523cedebaa15abe973cbabdf61dd43704eSecunia Security Advisory - A vulnerability has been discovered in SocialABC NetworX CMS, which can be exploited by malicious people to bypass certain security restrictions.
9d9af2b7a97df72afae36361b5392ce88839cd1a8240c804e294d5d399dcb752Secunia Security Advisory - SUSE has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
9b3dd7f31f1ad14f0547bc9d3291530e76132653ff2c95e7dd980f4c260cb505Secunia Security Advisory - A weakness has been reported in the Phoca Favicon component for Joomla!, which can be exploited by malicious, local users to manipulate certain data and potentially gain escalated privileges.
4944d8c9aa85c5af39e50ddc949164a66bcaf52bbbee5dd59cf81f47b7627170Secunia Security Advisory - SUSE has issued an update for samba. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
86224565a64021b68de11cae29956a8b908ba7b699a9a73732d2d6eeb675d0d3Secunia Security Advisory - Two vulnerabilities have been discovered in Ushahidi, which can be exploited by malicious people to conduct cross-site request forgery and script insertion attacks.
a0b59486a84a7b488c0f52ac495bc6f24e168dfaf041f9284d0064003972659bSecunia Security Advisory - A security issue has been reported in Munin, which can be exploited by malicious, local users to manipulate certain data.
58be6f56eb6a47546c6c305abd283c5b5a5acb8af43a0d6574614da9ef480e73Secunia Security Advisory - Khashayar Fereidani has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
1fb33f2da39d64e6baefc0408ce47a7f6c0a455a7a9a24341b0b3184ee036607ETeamPass version 2.1.5 suffers from a persistent cross site scripting vulnerability in users.queries.php.
b5087dc58a490d7fda633d958a1bf30f8aef7f5d28ac7437be66583b7d63c9e7Mandriva Linux Security Advisory 2012-059 - It was discovered that SQLAlchemy did not sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepted values for these keywords, and did not filter or sanitize them before passing them to SQLAlchemy, it could allow an attacker to perform an SQL injection attack against the application. The updated packages have been patched to correct this issue.
d5f88c588379acc2bfa9ff43617fc1860c078b4a3e19d62cf9688284b0d95395This Metasploit module exploits a vulnerability found on V-CMS's inline image upload feature. The problem is due to the inline_image_upload.php file not checking the file type before saving it on the web server. This allows any malicious user to upload a script (such as PHP) without authentication, and then execute it with a GET request. The issue is fixed in 1.1 by checking the extension name. By default, 1.1 only allows jpg, jpeg, png, gif, bmp, but it is still possible to upload a PHP file as one of those extension names, which may still be leveraged in an attack.
5db10ec6f958334e9330d4c85475a69cd8b4c04de7b7b2ad6e87bd5f504d7f81
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed