FreeBSD versions 9.0 and 9.1 mmap/ptrace privilege escalation exploit that leverages the issue described in FreeBSD-SA-13:06.
33ab3cd2db81ca119a894609c3cbec29fc118789f6df44a99945d5cda231b71cDrupal Login Security third party module versions 6.x and 7.x suffer from bypass and denial of service vulnerabilities.
598061f54bac357e4a742401275a6a32cd65fb79938c18d3b4947c9e8cce8cc3GLPI version 0.83.7 suffers from a parameter traversal vulnerability that allows for arbitrary file access.
8c549c03c6d7b7e06618844943413d35622dfba90639b3c6ac5e75b5a16e3a25In February 2013, VSR identified a vulnerability in the IBM WebSphere Commerce framework which could allow an attacker to tamper with values stored in the "krypto" URL parameter. This parameter is encrypted with a block cipher without any independent integrity protection. This, combined with observed application behavior, allows for padding oracle attacks which can be used to decrypt the krypto token and forge new tokens with arbitrary embedded parameters.
5998d6a975a57dc3921286cababdc5aa780a65141183d9726f3d8938c1392707RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain updates designed to prevent BEAST attacks and SSL/TLS Plaintext Recovery (aka Lucky Thirteen) attacks.
c4c500343555b143f39e0055e4ce990a4e2809cae8e525b10d41140c0a9e374eThis exploits performs privilege escalation leveraging the mmap vulnerability in FreeBSD 9.1 as described in FreeBSD-SA-13:06.
f4335d5441b706cb24ce9fb6b71366091edddbb0838d83d2cd1b69a4edab8fdfTP-Link Print Server version TL PS110U suffers from a sensitive information enumeration vulnerability.
d9a49fe63d706d493bab0eca559b24f7343fd3b17429368055b9144c891c110dResearchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS for RSA BSAFE Micro Edition Suite for all versions outside of 4.0.3 and 3.2.5. The Lucky Thirteen attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.
63d67971616d756f9a24527aece917f871801037a08e76de35be02323baa702aTechnical Cyber Security Alert 2013-169A - Oracle released the June 2013 Critical Patch Update for Oracle Java SE. This patch contains 40 new security fixes across Java SE products and a fix to the Javadoc Tool. API documentation in HTML format generated by the Javadoc tool that contains a right frame may be vulnerable to frame injection when hosted on a web server.
a41aca8835ee3499199ea44a2b84c6181c92e3efce36d2da65f6daf2fd76c218Mod_security suffered from a cross site scripting filter bypass vulnerability.
f2125bb4ab7692426d1789ea62aa804f599421f07fed6bc8474c3e45d715a2d3This is a whitepaper discussing source code analysis of web applications. Part II. Written in Turkish.
fe510373b10e5474bdc1acc5c1761320d2fb4d867dc1d9246c37e78241a778a4MusicBee version 2.0.4663 .m3u denial of service exploit.
4b7be457ec441bb7f68bfa2e92c08eabed3ef82cfe231887d1c6a031dddcce12Facebook appears to suffer from a critical design flaw in how users share photos using a URI. Once a URI is known the only action the user can take to hide the contents of a photo album is to delete the album. This means if you ever have a breach, be it someone sitting in front of your computer, or getting your Facebook password, you must delete all your photo albums to keep the contents private.
0a29cfeb80463cd152ef5b3f1d86ba9355c1a6664476d861f177f8a3a82b52faThe Joomla Rokdownloads component suffers from a remote shell upload vulnerability.
43432f4a6d7fc1d83fb420edcacc1d415db5a0e041a2beb071e8e89ee41a1f10Debian Linux Security Advisory 2628-2 - The security update DSA-2628 for nss-pam-ldapd failed to build on kfreebsd-amd64 and kfreebsd-i386.
ca04431f7098338d92f01c30b2b14d94f107aed5b83c0e5d0a566ae308c1550aThis Metasploit module exploits a vulnerability in MoinMoin 1.9.5. The vulnerability exists on the manage of the twikidraw actions, where a traversal path can be used in order to upload arbitrary files. Exploitation is achieved on Apached/mod_wsgi configurations by overwriting moin.wsgi, which allows to execute arbitrary python code, as exploited in the wild on July, 2012.
357506b05f75972b93ef4f53d7935e38c58ae9d6c3dc89990bc79b7b56e9d911Debian Linux Security Advisory 2698-1 - Multiple issues were discovered in the TIFF tools, a set of utilities for TIFF image file manipulation and conversion.
2d2368ecc0f7d48d6b7d6ddde98b2ad8db9e4da5cfa9209da669bc81c6a219dbUbuntu Security Notice 1886-1 - It was discovered that Puppet incorrectly handled YAML payloads. An attacker on an untrusted client could use this issue to execute arbitrary code on the master.
eb685b156838671fe79b419fa87ca1d86032de2006cbe1d74ccf0cf26603bd9eSolaris 10 patch cluster suffers from a file clobber vulnerability in /tmp.
03794219b3e100fca16c556ac9f4ccfaad291a40205e4a5a016b11eca6895b3eWhen making REST api calls, the puppet master takes YAML from an untrusted client, deserializes it, and then calls methods on the resulting object. A YAML payload can be crafted to cause the deserialization to construct an instance of any class available in the ruby process, which allows an attacker to execute code contained in the payload.
4331f8a7741c008aa390b37694c2381491f1dd083ba0a9941ebaf7a62f36e8ac
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed