Debian Linux Security Advisory 3024-1 - Genkin, Pipman and Tromer discovered a side-channel attack on Elgamal encryption subkeys.
b2346aef46332e7dd3e40eb0441330ae17335baff74358e7b56dfc81b92896c8
Debian Linux Security Advisory 3023-1 - Jared Mauch reported a denial of service flaw in the way BIND, a DNS server, handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash.
0c747ab33b05927c81ed21001fd7ebc7f8d6980413af8ba29ccff7c19a76ee10
Rooted SSH/SFTP Daemon installs with static default root credentials and does not prompt the user to change them.
04c4d92a411b17314d846f4d2d72d2c504c386afce4fbd9c2181d3687821c1dc
Joomla Spider Form Maker versions 3.4 and below suffer from a remote SQL injection vulnerability.
5c25d9bbb458923098a56f057354dcfed35e345f3b132afb9cfcd72b197098bc
Food Order Portal version 8.3 suffers from a cross site request forgery vulnerability. Note that this finding houses site-specific data.
1ea1544a5ebc5aaffe39261af2fcca694eb003fcf7092e12495bbea16b10c3d5
WordPress Photo Album plugin versions 5.4.3 through 5.4.4 suffer from multiple cross site scripting vulnerabilities.
c38d7002e32eb064b1714abb53b8e2a9009080e41e1a14a2eb784e026081cc25
Travel Portal II version 6.0 suffers from a cross site request forgery vulnerability.
62a86dc8112532213efcb4069d4e0905784a3f5239b1a32bb2fa868ea3dd6b04
HttpFileServer version 2.3.x suffers from a remote command execution vulnerability due to a poorly formed regex.
b3271bba3fc147d5debc54d8dbb9d30c83064441e55e54ba453b1f75c0faa5bc
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
56b718b99d84de2abc347d7ea9492308f424f900effa0430fbf868ff72694af7
This Metasploit module exploits a remote file include vulnerability in Railo, tested against version 4.2.1. First, a call using a vulnerable cffile line in thumbnail.cfm allows an attacker to download an arbitrary PNG file. By appending a .cfm, and taking advantage of a directory traversal, an attacker can append cold fusion markup to the PNG file, and have it interpreted by the server. This is used to stage and execute a fully-fledged payload.
0bbe174102c9e26fadfffb5af3c7e341a378b56297c9ad11a3b67c73f86ebcd0
This Metasploit module exploits a file upload vulnerability in ManageEngine Eventlog Analyzer. The vulnerability exists in the agentUpload servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. By combining both weaknesses a remote attacker can achieve remote code execution. This Metasploit module has been tested successfully on versions v7.0 - v9.9 b9002 in Windows and Linux. Versions between 7.0 and < 8.1 are only exploitable via EAR deployment in the JBoss server, while versions 8.1+ are only exploitable via a JSP upload.
7a0773137d222dd2f47bbc5c83d57f0b5cff637f5610d1a372378c64bc78f404
This Metasploit module exploits an authentication bypass vulnerability in Solarwinds Storage Manager. The vulnerability exists in the AuthenticationFilter, which allows to bypass authentication with specially crafted URLs. After bypassing authentication, is possible to use a file upload function to achieve remote code execution. This Metasploit module has been tested successfully in Solarwinds Store Manager Server 5.1.0 and 5.7.1 on Windows 32 bits, Windows 64 bits and Linux 64 bits operating systems.
8e0158bd6ed6894515f4b2ee12c6dea89374d232c9a98949f115bcf2c61c7927
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
eeafb14a95438e49cb3a3b2cabcfa0eecfa2d5afdd3fa59d9ba0d25ce7215023
ChatSecure IM version 2.2.4 suffers from a script insertion vulnerability.
a1d63992776f6b160baadca0cf9825cb09885083022c371a9e0bcecbe4a38c27
Photorange version 1.0 suffers from a local file inclusion vulnerability.
75bef9925a77ffb1dc427868354508f7fe746ca675fc20a44c20d9fc5c720bf1
The International Conference on Semantic Web Business and Innovation (SWBI2015) has announced it's call for participation. It will be held at the University of Applied Sciences and Arts Western Switzerland October 7th through the 9th, 2015.
2decc494976fd7e643725443dddb1d0d88fcc1f82ba12b2c5df91dd01325b912
Red Hat Security Advisory 2014-1186-01 - The katello-configure package provides the katello-configure script, which configures the Katello installation, and the katello-upgrade script, which handles upgrades between versions. It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search. All Subscription Asset Manager users are advised to upgrade to this updated package. The update provides a script that modifies the elasticsearch.yml configuration file to disable dynamic scripting. After updating, run the "katello-configure" command. This will update the elasticsearch.yml configuration file and restart the elasticsearch service.
8e0e0f078d1634249edcb305467202bd802bcf0c3aae4448de08308a913120e0
Red Hat Security Advisory 2014-1184-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. The spacewalk-java packages contain the code for the Java version of the Spacewalk Web site. A stored cross-site scripting flaw was found in the way spacewalk-java displayed log files. By sending a specially crafted request to Satellite, a remote attacker could embed HTML content into the log file, allowing them to inject malicious content into the web page that is used to view that log file.
1079b54963ab4b32ed48f60599cdc5de85f122fd581763afd88f13c5e6fca19e
Ubuntu Security Notice 2330-1 - Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Abhishek Arya discovered a use-after-free during DOM interactions with SVG. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
2fdd85d864eecc852ec8cfbedce628458a05c03413ae106c41c0a5947f7f1247
VMware Security Advisory 2014-0009 - VMware NSX and vCloud Networking and Security (vCNS) product updates address a vulnerability that could lead to critical information disclosure.
e0e5dd6e6eac5631d03573d4eaa26612f938e3d5a6bae43522bfab629c5a85ad