what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2014-11-21

Privacyware Privatefirewall 7.0 Privilege Escalation
Posted Nov 21, 2014
Authored by LiquidWorm | Site zeroscience.mk

Privacyware Privatefirewall version 7.0 suffers from an unquoted search path issue impacting the Core Service 'PFNet' service for Windows deployed as part of Privatefirewall bundle. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

tags | exploit, arbitrary, local, root
systems | windows
MD5 | 6367fe8061d0c6bd4b03568f67755778
Netgear Wireless Router WNR500 Local File Inclusion
Posted Nov 21, 2014
Authored by LiquidWorm | Site zeroscience.mk

The Netgear Wireless Router WNR500 suffers from an authenticated file inclusion vulnerability (LFI) when input passed thru the 'getpage' parameter to 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.

tags | exploit, local, file inclusion
MD5 | 04d130ca77e9b72a00df0cfd24160338
Mandriva Linux Security Advisory 2014-222
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-222 - Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-7823
MD5 | a96ce26e2e46025ebba088cb4ca7f97a
Mandriva Linux Security Advisory 2014-221
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-221 - Although Mandriva forgot to include a problem description in this advisory, it appears that their latest packages for php-smarty may have address cross site scripting and code execution vulnerabilities.

tags | advisory, php, vulnerability, code execution, xss
systems | linux, mandriva
advisories | CVE-2012-4437, CVE-2014-8350
MD5 | 7683cba90c082bb55c5b87313cd89bb3
Mandriva Linux Security Advisory 2014-220
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-220 - Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. Various other security issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, local, code execution
systems | linux, mandriva
advisories | CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4526, CVE-2013-4527, CVE-2013-4529, CVE-2013-4530, CVE-2013-4531, CVE-2013-4533, CVE-2013-4534, CVE-2013-4535, CVE-2013-4536, CVE-2013-4537, CVE-2013-4538, CVE-2013-4539, CVE-2013-4540, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0142, CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0146, CVE-2014-0147, CVE-2014-0148, CVE-2014-0150
MD5 | 64cf589a4675a623fd718ae4765326e0
Mandriva Linux Security Advisory 2014-219
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-219 - Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol(SRTP), in how the crypto_policy_set_from_profile_for_rtp() function applies cryptographic profiles to an srtp_policy. A remote attacker could exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.

tags | advisory, remote, denial of service, overflow, protocol
systems | cisco, linux, mandriva
advisories | CVE-2013-2139
MD5 | b57e87e8483fb348477b0ced5b92d541
HP Security Bulletin HPSBHF03052 2
Posted Nov 21, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03052 2 - Potential security vulnerabilities have been identified with HP Network Products running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2010-5298, CVE-2014-0198, CVE-2014-0224
MD5 | a9008f2f3c90dcd47c4526d8ff4e967a
Mandriva Linux Security Advisory 2014-218
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-218 - Multiple vulnerabilities have been discovered and corrected in asterisk. The updated packages has been upgraded to the 11.14.1 version which is not vulnerable to these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-3566, CVE-2014-6610
MD5 | 3af2e80407397b9636f0714cbc685445
Gentoo Linux Security Advisory 201411-06
Posted Nov 21, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201411-6 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.418 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0558, CVE-2014-0564, CVE-2014-0569, CVE-2014-0573, CVE-2014-0574, CVE-2014-0576, CVE-2014-0577, CVE-2014-0581, CVE-2014-0582, CVE-2014-0583, CVE-2014-0584, CVE-2014-0585, CVE-2014-0586, CVE-2014-0588, CVE-2014-0589, CVE-2014-0590, CVE-2014-8437, CVE-2014-8438, CVE-2014-8440, CVE-2014-8441, CVE-2014-8442
MD5 | cb15d253273e9366486450c41bbfe9a6
Mandriva Linux Security Advisory 2014-224
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-224 - The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2014-5351
MD5 | a4bb606e54269b316bc0cbe51ab6e24b
Mandriva Linux Security Advisory 2014-223
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-223 - Updated wireshark packages fix a buffer overflow, multiple crashes, and infinite loops.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2014-8710, CVE-2014-8711, CVE-2014-8712, CVE-2014-8713, CVE-2014-8714
MD5 | 442c78624aa3407f82dd8abd522bf899
Supr Shopsystem 5.1.0 Cross Site Scripting
Posted Nov 21, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Supr Shopsystem version 5.1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3a929224e3f6dbc8e85f14c53b36a708
WordPress SP Client Document Manager 2.4.1 SQL Injection
Posted Nov 21, 2014
Authored by Dang Quoc Thai

WordPress SP Client Document Manager plugin version 2.4.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 55934e58ca6de45278c138694f570929
Booking.com Open Redirect
Posted Nov 21, 2014
Authored by s3rgio

Booking.com suffers from an open redirection vulnerability.

tags | exploit
MD5 | b3f0d2b1e6d106382283758d679ea739
Asterisk Project Security Advisory - AST-2014-018
Posted Nov 21, 2014
Authored by Kevin Harwell, Gareth Palmer | Site asterisk.org

Asterisk Project Security Advisory - The DB dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation.

tags | advisory, protocol
MD5 | 5f3ebc9cf9f2fb17c6c2dc4f44aba39e
Asterisk Project Security Advisory - AST-2014-017
Posted Nov 21, 2014
Authored by Kevin Harwell, Gareth Palmer | Site asterisk.org

Asterisk Project Security Advisory - The CONFBRIDGE dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation. Also, the AMI action "ConfbridgeStartRecord" could also be used to execute arbitrary system commands without first checking for system access.

tags | advisory, arbitrary, protocol
MD5 | 6d75a797b464251b1e32034bc2191a06
Zenario CMS 7.0.2d Cross Site Scripting / Open Redirect
Posted Nov 21, 2014
Authored by LiquidWorm | Site zeroscience.mk

Zenario CMS version 7.0.2d suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | e905a422e8373a66ff43635969481726
WordPress 3.9.2 Cross Site Scripting
Posted Nov 21, 2014
Authored by Jouko Pynnonen | Site klikki.fi

A security flaw in WordPress 3 allows injection of JavaScript into certain text fields. In particular, the problem affects comment boxes on WordPress posts and pages. These do not require authentication by default.

tags | advisory, javascript, xss
MD5 | 0f7f12faafeedc2e7b0977984f3b5a0a
Asterisk Project Security Advisory - AST-2014-016
Posted Nov 21, 2014
Authored by Joshua Colp | Site asterisk.org

Asterisk Project Security Advisory - When handling an INVITE with Replaces message the res_pjsip_refer module incorrectly assumes that it will be operating on a channel that has just been created. If the INVITE with Replaces message is sent in-dialog after a session has been established this assumption will be incorrect. The res_pjsip_refer module will then hang up a channel that is actually owned by another thread. When this other thread attempts to use the just hung up channel it will end up using freed channel which will likely cause a crash.

tags | advisory
MD5 | ad443124e8b31e3f67b0ef3190563e16
Asterisk Project Security Advisory - AST-2014-015
Posted Nov 21, 2014
Authored by Joshua Colp, Yaron Nahum | Site asterisk.org

Asterisk Project Security Advisory - The chan_pjsip channel driver uses a queue approach for actions relating to SIP sessions. There exists a race condition where actions may be queued to answer a session or send ringing AFTER a SIP session has been terminated using a CANCEL request. The code will incorrectly assume that the SIP session is still active and attempt to send the SIP response. The PJSIP library does not expect the SIP session to be in the disconnected state when sending the response and asserts.

tags | advisory
MD5 | 1f457cd6c67d3293e290a8b8a59622ab
Asterisk Project Security Advisory - AST-2014-014
Posted Nov 21, 2014
Authored by Joshua Colp, Ben Klang | Site asterisk.org

Asterisk Project Security Advisory - The ConfBridge application uses an internal bridging API to implement conference bridges. This internal API uses a state model for channels within the conference bridge and transitions between states as different things occur. Under load it is possible for some state transitions to be delayed causing the channel to transition from being hung up to waiting for media. As the channel has been hung up remotely no further media will arrive and the channel will stay within ConfBridge indefinitely.

tags | advisory
MD5 | 2945c50e19d44b99fd92e50ebc97bd9f
Asterisk Project Security Advisory - AST-2014-013
Posted Nov 21, 2014
Authored by Jonathan Rose | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk module res_pjsip_acl provides the ability to configure ACLs that may be used to reject SIP requests from various hosts. In affected versions of Asterisk, this module fails to create and apply ACLs defined in pjsip.conf. This may be worked around by reloading res_pjsip manually after res_pjsip_acl is loaded.

tags | advisory
MD5 | ecf2c3145d6f7c7c95001d331ca29c60
Asterisk Project Security Advisory - AST-2014-012
Posted Nov 21, 2014
Authored by Andreas Steinmetz | Site asterisk.org

Asterisk Project Security Advisory - Many modules in Asterisk that service incoming IP traffic have ACL options ("permit" and "deny") that can be used to whitelist or blacklist address ranges. A bug has been discovered where the address family of incoming packets is only compared to the IP address family of the first entry in the list of access control rules. If the source IP address for an incoming packet is not of the same address family as the first ACL entry, that packet bypasses all ACL rules. For ACLs whose rules are all of the same address family, there is no issue.

tags | advisory
MD5 | ad7432df849fce8e8723e557e8bab00e
Liferay Portal 6.2 EE SP8 Cross Site Scripting
Posted Nov 21, 2014
Authored by Ariel Walter Garcia

Liferay Portal versions 6.2 EE SP8 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2014-8349
MD5 | 9c329de412bae698b3a45c5669854442
Ubuntu Security Notice USN-2413-1
Posted Nov 21, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2413-1 - An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under certain circumstances, a malicious application could use this flaw to perform operations that are not allowed by AppArmor policy. The flaw may also prevent applications from accessing resources that are allowed by AppArmor policy.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-1424
MD5 | 1e442d02193dff1d5ef8d17298083dcf
Page 1 of 2
Back12Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    8 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close