This advisory outlines 9 different vulnerabilities in Android. Some have been addressed while others have not.
f20ea77aed0ad871a849ae4a62616d2116c1535db652007f120f29161fba53aa
MF Sniffer is a python script for capturing unencrypted TSO login credentials. It requires Scapy. Given an interface, IP and port this script will try to sniff mainframe user IDs and passwords sent over cleartext using TN3270 (tested against x3270, TN3270Plux and TN3270X). This script does not work if the mainframe is using SSL encryption.
2f8ddc0ba0bec2aac0376b8862e3276847ef5e50cf7cb4cd1696b477d19a726d
Mandriva Linux Security Advisory 2013-025 - The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted mxit/imagestrips pathname. Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header. sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service via a crafted packet. upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service by leveraging access to the local network. This update provides pidgin 2.10.7, which is not vulnerable to these issues.
1947a7196d370ec292c6d6196bc378f7ab94ffd059b4a95d0ad67f48a214a6e6
Ubuntu Security Notice 1762-1 - Ansgar Burchardt discovered that APT incorrectly handled repositories that use InRelease files. The default Ubuntu repositories do not use InRelease files, so this issue only affected third-party repositories. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. This update corrects the issue by disabling InRelease file support completely. Various other issues were also addressed.
7ec4d9c9b620d30a5c750c688a228afc8aed1ace705b6394604cb8ec05f2f0fc
Google Chrome versions 21.0.1180.57 and below suffer from a NULL pointer vulnerability in InspectDataSource::StartDataRequest.
922f2c1e74a32dc38ee0d67c6334a31517da282683a2f06192b0fea1c6e5da62
A confirmed security vulnerability has been identified with 30 high traffic web sites owned by QuinStreet. The vendor stores database IDs in cookies which are easily spoofed (USERID_COOKIE), allowing all user information to be accessed.
12c6c5deb30c5b87678c3f751877699e042013d41da09a3c32d7c0543db5a1a8
An integer overflow vulnerability exists in the .qvw file format parser in QlikView Desktop Client version 11.00 SR2. A parameter that is responsible for the section length is checked improperly, which causes a heap overflow if any value bigger than 0x80000000 is set. Successful exploitation of this vulnerability could result in an arbitrary code execution within the QlikView Desktop client.
f1abbcb05d9f6164954a8e6deae36e2eeaaf00dbcf2183495a8690b131f1d1e5
Ubuntu Security Notice 1761-1 - It was discovered that PHP incorrectly handled XML external entities in SOAP WSDL files. A remote attacker could use this flaw to read arbitrary files off the server.
a139f03fd0b8a9c748ca3fca8449ab784e6431886e31fd02762b622672ee72b4
Red Hat Security Advisory 2013-0645-01 - Apache CXF is an open source services framework. It was found that the Apache CXF UsernameTokenPolicyValidator and UsernameTokenInterceptor allowed a UsernameToken element with no password child element to bypass authentication. A remote attacker could use this flaw to circumvent access controls applied to web services by omitting the password in a UsernameToken. This flaw was exploitable on web services that rely on WS-SecurityPolicy plain text UsernameTokens to authenticate users. It was not exploitable when using hashed passwords or WS-Security without WS-SecurityPolicy.
a8cabf84038ae0764d72ecd6fea22297f2eefbe04f4249e586339230dee77f43
This paper summarizes the findings from NCC's research into Akamai while providing advice to companies wishing to gain the maximum security when leveraging their solutions.
87bf6bdbd4a217dca83340b5158fe1ee1bc60e71894efd187434a3521fc29c37
nCircle IP360 version 7.0 discloses the LDAP password in cleartext in their HTML code.
65936fc21494ca5ba065730abc8ffc017c2866821962e6b47e4b86851827acdf
ClipShare version 4.1.4 suffers from remote blind SQL injection and plaintext password vulnerabilities.
a568735b6f3205c221aee116bd737215c0b537dd6bb646bc342ef61168392866
Red Hat Security Advisory 2013-0644-01 - Apache CXF is an open source services framework. It was found that the Apache CXF UsernameTokenPolicyValidator and UsernameTokenInterceptor allowed a UsernameToken element with no password child element to bypass authentication. A remote attacker could use this flaw to circumvent access controls applied to web services by omitting the password in a UsernameToken. This flaw was exploitable on web services that rely on WS-SecurityPolicy plain text UsernameTokens to authenticate users. It was not exploitable when using hashed passwords or WS-Security without WS-SecurityPolicy.
475507b92ce71db9cb57c1004a1e40e6e3069b3a0f28f93ae6c857128a6be8df
Cisco Video Surveillance Operations Manager version 6.3.2 suffers from cross site scripting, access bypass, and local file inclusion vulnerabilities.
889a7c95fe9ba307b4476548a140238036f8459886d5305efa04819e7fdd2104
Open-Xchange version 6 suffers from cross site scripting, local file inclusion, HTTP header injection / response splitting, missing SSL enforcement, server-side request forging, insecure password hashing, and file permission vulnerabilities.
8be9974c5b91f42a1ca77eb417301430aea4147dc0179c425ee43fbe9ef5c36e