Zyxel P-660HW-T1 version 3 suffers from a cross site request forgery vulnerability.
fd9b20b0d05fd77557aae1de1ada5ed4176bd0b607d5532fa11878fa9e8108c1HP Security Bulletin HPSBGN03041 - A potential security vulnerability has been identified with HP IceWall Configuration Manager running Apache Struts. The vulnerability could be exploited remotely resulting in execution of arbitrary code. Revision 1 of this advisory.
64795997cd5a317c0b565929f621a7404bfe676a059784dec8dc3165de9eec6bVUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing the "width" and "height" fields of a barcode element in a PDF, which could be exploited to execute arbitrary code via a malicious PDF file.
c5545ff4151f3d3fc0cd08c554b26236da99bbd61f13df1841d24f313158e669The Accellion Secure File Transfer SFTP Satellite ships with SSH tunneling enabled. An authorized SFTP user can connect to the SFTP satellite and leverage the SSH tunneling functionality to attack localhost bound ports that are not intended to be exposed externally. By leveraging trust assumptions in the running Rsync daemon, sensitive files including the MySQL root password are retrievable. This password can be used when connecting to the MySQL database, also running on localhost, and the password hashes of all users configured on the server can be retrieved. Accellion released a software update to version FTA_9_8_70 on the 4th of December 2013 which disables SSH tunneling and prevents this issue being exploited.
68bc250d8823491080a18930f81edf603898e7a112a41ce582d30e72238a43bbUbuntu Security Notice 2219-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
5483ba963061925d2f4fc4ff849d723fc2ed76a1ec4a8e5d606519d95f21cebcUbuntu Security Notice 2220-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
f538ceeba1f59cb49790485df05f335d059438943dbea0956289c617341b9e8fUbuntu Security Notice 2227-1 - A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges. Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.
030f8dbdef1c111fe4bbe4103734f72cb888f3ba4144f7241099df3eede3cb21Ubuntu Security Notice 2228-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
cbc98ee7edf9f6b0c61ecb645c9d3e101aa77a558f1ea88158b44edf00b8d013Ubuntu Security Notice 2225-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
1ca8698870b1aeeb7cd24ed60310742267e3248417075cd461c1b8fa466516f1Ubuntu Security Notice 2226-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
bb02d6be147b2a64bf2eed1aa6203edb6f0c032d53a6ce0479e428d685379925Ubuntu Security Notice 2223-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
c386b44476309ae7dac47eb0a8d7cc0a26662f0c3adc3b24f480afe3edd7f15cUbuntu Security Notice 2224-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
b625f3ae67dd825bf8f26346dd77dbec5fa9b71a0820c41ad8aa80cd57a6a847Ubuntu Security Notice 2222-1 - Robert Kisteleki discovered mod_wsgi incorrectly checked setuid return values. A malicious application could use this issue to cause a local privilege escalation when using daemon mode. Buck Golemon discovered that mod_wsgi used memory that had been freed. A remote attacker could use this issue to read process memory via the Content-Type response header. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.
36636054de74138601b060fbec176563d8ca424f38c63b93ff1a46e5c5134b57Ubuntu Security Notice 2221-1 - Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. Matthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. Various other issues were also addressed.
5616975f2fb4dd39c84f62c8002d7351e1f5dddc09b837aabc10d511eb920b67The Call For Papers for CSSE2014 has been announced. It will take place in Hangzhou, China, on October 18th and 19th, 2014.
3d9e612b7c36cd1c34a2ac64e5bca9dcea398270364a7dabfdd0579c535b72d2Emerson DeltaV versions 10.3.1, 11.3, 11.3.1, and 12.3 suffer from world-writable system folder and hardcoded credential vulnerabilities.
56e7ecad43c295ceb075b56c6cba23a12039fd8da5c350cd0cbaccbe42989156Splunk version 6.1.1 suffers from a cross site scripting vulnerability.
7a31ef4fcee869912b77477df42034cdbbb008b74b988e45e6ecd10d53c1f5cc
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed