Apache Rave returns the full user object, including the salted and hashed password, via the User RPC API. This endpoint is only available to authenticated users, but will return all User objects in the database given the correct query. Versions 0.11 through 0.20 are affected.
0fc0f4d0dcf747beda3059f5ac91c70414ea7169915d9f52f748260badb8a8b5Red Hat Security Advisory 2013-0642-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.
8b1a9a0a45fdfe4c64610be5ad885aee3d8fb232a6d0d9d295fec37d5897026cRed Hat Security Advisory 2013-0641-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.
b17c7b1cb9a4d920da3ae282a1a0a4dcaa4e87162000e5cecc06cb5efd96155aRed Hat Security Advisory 2013-0638-01 - OpenShift Enterprise is a cloud computing Platform-as-a-Service solution from Red Hat, and is designed for on-premise or private cloud deployments. A flaw was found in the handling of paths provided to ruby193-rubygem-rack. A remote attacker could use this flaw to conduct a directory traversal attack by passing malformed requests. A timing attack flaw was found in the way rubygem-rack and ruby193-rubygem-rack processed HMAC digests in cookies. This flaw could aid an attacker using forged digital signatures to bypass authentication checks.
9e045bd47adb6a86f07fa92b8a517a7d9b9f762d12aa827a569c54656f19000bRed Hat Security Advisory 2013-0640-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.
707dc36d38095c8b6cacd272f8441c2226c2e3525ae91d72066a9d89daf6981bRed Hat Security Advisory 2013-0639-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages form the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest. All users of qemu-kvm-rhev are advised to upgrade to these updated packages, which correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
bed4ca2ffa58ff464b22fe9153408f7383ab7e71c51b9b0765bcd70a4711c44cRed Hat Security Advisory 2013-0630-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the xen_iret() function in the Linux kernel used the DS register. A local, unprivileged user in a 32-bit, para-virtualized Xen hypervisor guest could use this flaw to crash the guest or, potentially, escalate their privileges.
6fa1613bf864c4c725e20dda548b31d5d8bb3ea21a89fe76b531167d82f4f709ChronIC is the Chronos Integrated Commander, a wearable Sub-GHz RF hacking tool. Written in python.
2e5b1a404052563be569b4eb937c43f4f60865492e6ff788e324c1240648695dOpenSSL-based signcode utility is used for Authenticode signing of EXE/CAB files. It also supports timestamping.
9d9235d45c7de9b9459a45e0307fa17da99ef289db3cc5f4623a4d171edcc29cWeb Cookbook suffers from multiple remote SQL injection vulnerabilities.
74eb1ad64b0bce3e3791e0693f15a1c7c3d96dee667109bbba5c77d600b03146Yandex xdLab TagScanner version 5.1 suffers from a stack buffer overflow vulnerability.
e693f08c846eafa2d28e63c5d1b289cee7c19b70f6f1ed43ea8bdba4743dc36aThe PayPal Portable Store Front widget suffered from a cross site scripting vulnerability.
7300da6ef827e8502849d57a847fcb00022ac5b9910f43357bb2e9aaeeb37ec2This bulletin summary lists 7 released Microsoft security bulletins for March, 2013.
3be2df7adb70e29f12bc6356bcd2b838ca3dbb780481f4fdca1c712e50238e41This bulletin summary lists two re-released Microsoft security bulletins for March, 2013.
0fb44f018f32ce5eae050121d89558a4795495ff42ba8cc3a548947cc5d1e1c8The ASUS RT-N66U suffers from a hidden root$ Samba share and a MiniUPnP listening on the WAN interface. It also has an out of date kernel and multiple old libraries in use.
1612183344436e02a4e558842cc13f4e0957fe902f9f0cbc29c1e64699d5cab2Cam2pc version 4.6.2 Freeware suffers from a BMP image processing integer overflow vulnerability.
b1cf810934a520037613b1ade4af79ae169021363455268874990d40afa27bb8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed