Red Hat Security Advisory 2013-1763-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A buffer overflow flaw was found in the way Ruby parsed floating point numbers from their text representation. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application.
94602687dfe230a8f38b662786c823e24d043fb7a357ccc9fb03fb0ae8c5a237Red Hat Security Advisory 2013-1764-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. A buffer overflow flaw was found in the way Ruby parsed floating point numbers from their text representation. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application.
00d43abf0a3546711d0711a5ec5c75bc3a8f3b962ebe380f5589285b7d3d941dRed Hat Security Advisory 2013-1762-01 - Red Hat JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. It was discovered that the JBoss Operation Network configuration files, for both the server and the agent, were world readable by default. A malicious local user could possibly read sensitive information regarding the installation, including various authentication credentials. This issue was discovered by Larry O'Leary of the Red Hat Middleware Support Engineering Group.
4181ab416ac2e7466f3f2fc0b2021f0561f5ddec2bb35696ce1375939bb7c123Mandriva Linux Security Advisory 2013-284 - Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow. Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library 2.17 and earlier allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function. Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service via a large value to the aligned_alloc functions. A stack overflow flaw, which led to a denial of service (application crash), was found in the way glibc's getaddrinfo() function processed certain requests when called with AF_INET6. A similar flaw to this affects AF_INET6 rather than AF_UNSPEC. The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC does not initialize the random value for the pointer guard, which makes it easier for context- dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address. The updated packages have been patched to correct these issues.
00fea704bf1f1055d112be7b211b292f2d6fed3a9a06d1f22b451064014e9b25Gentoo Linux Security Advisory 201311-15 - Multiple vulnerabilities have been found in Zabbix, possibly leading to SQL injection attacks, Denial of Service, or information disclosure. Versions less than 2.0.9_rc1-r2 are affected.
376284ead2ebc1de7d71b4043ed1c195b1d07fa77b9a865731ec3db09ef944b1Gentoo Linux Security Advisory 201311-16 - A vulnerability has been found in fcron, allowing local attackers to conduct symlink attacks. Versions less than 3.0.5-r2 are affected.
66b03180e217e23b048a674187af4a6802ff86495b72dcbc3228880511f078d0Mandriva Linux Security Advisory 2013-283 - Updated glibc packages fix multiple security issues. Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow. Stack-based buffer overflow in string/strcoll_l.c in the GNU C Library 2.17 and earlier allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long string that triggers a malloc failure and use of the alloca function. pt_chown in GNU C Library before 2.18 does not properly check permissions for tty files, which allows local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system. Various other issues were also addressed.
1c82e380a68105a8faa750720b4e2f2251bb1cd7f4dd03f29ae8a02d1b90188bMandriva Linux Security Advisory 2013-282 - Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to upload files to a service that uses HTTP::Body::Multipart could potentially execute commands on the server if these temporary filenames are used in subsequent commands without further checks.
ae8a09f529384327fb193842fcebddd1a96d9cfda45247e283628ee923156f50Mandriva Linux Security Advisory 2013-281 - Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might have potential other impact.
24200da29b62dbc19d61f3556eb553257ad19ae7b5b9d0f6454ad0816b56eed0The Rackspace Windows Agent and Updater allows for modified Agent binaries to be remotely uploaded (without authentication) to Rackspace Cloud Server guest instances. Modified Agent binaries are processed as an update for the Agent and arbitrary code can then be executed after the service is restarted. Previous versions of the Updater (before 1.2.6.0) allowed for unsigned agent updates utilizing a specially crafted .NET remote call to TCP port 1984.
e1432ce56dfb5361bc47edbd2d3c8d08d7d01f9b5dba847ea442095175de0442NOAA.gov suffers from cross site request forgery, cross site scripting, and clickjacking vulnerabilities. The authored has tried to contact them but has received no response.
c1f55ea29ba7cf55838a8a216d2e5c0918b27490eb78e8f438416ea546ac11c2WordPress Contact Form 7 versions 3.5.2 and below suffer from a remote shell upload vulnerability.
b67761ce5c2175bb4250fb9167f3ba1deb8c6aba800b8043a638dfabb5cdd524A cross-site scripting vulnerability could be potentially exploited for conducting malicious scripting attacks in RSA Data Protection Manager Appliance. A vulnerability exists in SSL and TLS protocols that may allow attackers to execute an arbitrary HTTP transaction in RSA Data Protection Manager Appliance. RSA Data Protection Manager Appliance versions 3.2.x and 3.5 (Hardware and Virtual) are affected.
e9f4812252efcf9d2dad08d0c578674122a5db223e9ef7fb279cc62083231a34Mandriva Linux Security Advisory 2013-279 - The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service via a crafted packet. Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service via a crafted packet. The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service via a crafted packet. The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service via a crafted packet. epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service via a crafted packet. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
19d8cbf5dbd09c08f510ceaf71d9d115f1ff8473a2fad7a30346b6ca2f265df2Gentoo Linux Security Advisory 201311-14 - Multiple vulnerabilities have been discovered in QtCore and QtGui, possibly resulting in execution of arbitrary code, Denial of Service, or man-in-the-middle attacks. Versions less than 4.8.4-r2 are affected.
48adb5e90b61766cc2b61bf6a9f67ae045e98144649b3e6a9b77199924122d98Debian Linux Security Advisory 2802-1 - Ivan Fratric of the Google Security Team discovered a bug in nginx, a web server, which might allow an attacker to bypass security restrictions by using a specially crafted request.
e96ec50cb4d0fde794d104f316ef2cfa7420d164eab8c9a762d05005df862a3fMandriva Linux Security Advisory 2013-280 - Memcached is vulnerable to a denial of service as it can be made to crash when it receives a specially crafted packet over the network. The updated packages for Enterprise Server 5 has beed patched to resolve this flaw. The updated packages for Business Server 1 has been upgraded to the 1.4.15 version and patched to resolve this flaw.
71efbce471f6a0ee043444282aefd829ffccfe6a783c6d2e033ccff59598c9d0Ubuntu Security Notice 2033-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. Various other issues were also addressed.
13110ea0ded97b1b213d269ef9d4e12eb1b993f7d5fdb1ee7fd11aa697ef8073Debian Linux Security Advisory 2801-1 - Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to upload files to a service that uses HTTP::Body::Multipart could potentially execute commands on the server if these temporary filenames are used in subsequent commands without further checks.
ab519a2ad25a4dd355fa972fa98e656f4b1f2cc7c32d2e60a9114ecd18c29725Red Hat Security Advisory 2013-1615-02 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. A flaw was found in PHP's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. If an attacker was able to get a carefully crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate to conduct man-in-the-middle attacks to spoof SSL servers.
e9c43b76ec5610e3455ac53f39d2e0ecc1fbdf12915676ffe3014f05ce897df2Red Hat Security Advisory 2013-1569-02 - Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.
7f3f7798dc92e097ef305e4b1e31fdf494b6ba631fb4d04aeb99e0eeff06aeeaRed Hat Security Advisory 2013-1582-02 - Python is an interpreted, interactive, object-oriented programming language. A flaw was found in the way the Python SSL module handled X.509 certificate fields that contain a NULL byte. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully crafted certificate signed by an authority that the client trusts. These updated python packages include numerous bug fixes and one enhancement. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes.
5318bfc58a04f6c630a98000db359d1fd38a86056966b53d50fec165f8a5e4e4Red Hat Security Advisory 2013-1540-02 - Evolution is the integrated collection of email, calendaring, contact management, communications, and personal information management tools for the GNOME desktop environment. A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails being encrypted with public keys other than the one belonging to the intended recipient. The Evolution packages have been upgraded to upstream version 2.32.3, which provides a number of bug fixes and enhancements over the previous version. These changes include implementation of Gnome XDG Config Folders, and support for Exchange Web Services protocol to connect to Microsoft Exchange servers. EWS support has been added as a part of the evolution-exchange packages.
9fb326f3b1b47a580643bac3c257f224e35acd6f987a04d2349a2234d18d3e18Red Hat Security Advisory 2013-1553-02 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems that is built into the standard Red Hat Enterprise Linux kernel. The qemu-kvm packages form the user-space component for running virtual machines using KVM. A buffer overflow flaw was found in the way QEMU processed the SCSI "REPORT LUNS" command when more than 256 LUNs were specified for a single SCSI target. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
345c5293e46bc430ccaa14628978829b0fc3469e03734f2a2879bd54beda014fRed Hat Security Advisory 2013-1543-02 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. An integer overflow flaw was found in the way Samba handled an Extended Attribute list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. Note: This issue did not affect the default configuration of the Samba server.
46c5800f1d860d2fb58a17790ac3e3d0fc87f12c834aa604c4d748102d5f7295
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed