Mandriva Linux Security Advisory 2013-239 - Updated wordpress and php-phpmailer packages fix security vulnerabilities. wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations. WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string. wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter. The get_allowed_mime_types function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfiltered_html capability for uploads of.htm and.html files, which might make it easier for remote authenticated users to conduct cross-site scripting attacks via a crafted file. The default configuration of WordPress before 3.6.1 does not prevent uploads of.swf and.exe files, which might make it easier for remote authenticated users to conduct cross-site scripting attacks via a crafted file, related to the get_allowed_mime_types function in wp-includes/functions.php. Additionally, php-phpmailer has been updated to a newer version required by the updated wordpress.
14d3e4af5ccf56ce47340ad79ec994f4f64d3f8a5ec89000dfd5cb60a7c7a95e
Mandriva Linux Security Advisory 2013-238 - The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service via a crafted packet. epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service via a crafted packet. Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service via a crafted packet. The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service via a crafted packet. Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service via a crafted packet. This advisory provides the latest supported version of Wireshark which is not vulnerable to these issues.
59f514761be19fd8610b15bd6386922bee2038f6ecab24aabefb8b76061ac264
Ajax File and Image Manager versions 1.1 and below suffer from a code execution vulnerability.
31237d5de06bf26d9ad7ab55fd1d1c9458637ce9c4fee50f8d6fb5185bddb0d1
Slackware Security Advisory - New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.
4be24f840f572fb691ede47d78c81bed25a1b4f21cd556207faf96e20152327f
HP Security Bulletin HPSBMU02900 3 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Local Denial of Service (DoS), remote Denial of Service (DoS), execution of arbitrary code, gain privileges, disclosure of information, unauthorized access, or XSS. Revision 3 of this advisory.
b930d764b9b0c0dddad54a771b6387f16cd50297af79c0ae2ab5b835d0ef2fa3
This Metasploit module exploits a SEH stack-based buffer overflow in freeFTPd Server PASS command version 1.0.10. credit goes to Wireghoul.
9b1b3722c40ca89375f977802175807d831acd844ac69afb11a55ae6296de174
McKesson active-x control version 11.0.10.38 suffers from a variable enumeration vulnerability.
eb5a347719e20933c95310d59d0af5d7d0a513bcbf2f6ec63b483b1c7dc9b822
WordPress RokMicroNews plugin versions 1.5 and below suffer from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
ea1a5a7a7041572f9f1666622d7a30d7aaf1299bc892596fc238dd0d0c44d675
This Metasploit module exploits a buffer overflow in A-PDF WAV to MP3 version 1.0.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
c36f8e21b4b97cee5ba878b04ceb9d74b2c3487cf9055592c90c45c97711c507
Apple Security Advisory 2013-09-18-3 - Xcode 5.0 is now available and addresses a security issue in Git. When using the imap-send command, git did not verify that the server hostname matched a domain name in the X.509 certificate, which allowed a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. This issue was addressed by updating git to version 1.8.3.1.
36470237c2b9e2979b0fb025e050ba382aeb9d886ccd43cd170b2d45dd2f3523
Apple Security Advisory 2013-09-18-2 - iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities.
28033ee75b46e43dd395d653bcaeafcb70f1b640306db4446062bdbfd7ff9c7f
HP Security Bulletin HPSBUX02927 SSRT101288 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS). Revision 1 of this advisory.
aa6b7ac4280371a19f7882c9282af21cd79cd3f23a82758bd65a72326125e77d
Adtran Netvanta 7100 with firmware prior to R10.5.3.HA suffers from bypass, injection, and cross site scripting vulnerabilities.
de57cf95a25a199d03c85cba970136084ba737d94ce33a865bda94b7d07f6e41
Drupal Google Site Search third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
972ae26c92439b0920ff497bcf979ab17d02b18b0344435efc7a96269a876aae
WordPress Complete Gallery Manager version 3.3.3 suffers from a remote shell upload vulnerability.
30600a42195af3e9dafb7dd91b072eaf413f11eb0a730f8d5b36d9226bcdafde
WordPress RokIntroScroller plugin versions 1.8 and below suffer from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.
51756b3d26e947a4e3e7bee9dc5b4b36ee6fcc6a1dfe1823c1e33467cf47748e