Privacyware Privatefirewall version 7.0 suffers from an unquoted search path issue impacting the Core Service 'PFNet' service for Windows deployed as part of Privatefirewall bundle. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
72c60aa352044f0a19f6a1f7017aca854db891e8955383cd6a110d5872cf10ceThe Netgear Wireless Router WNR500 suffers from an authenticated file inclusion vulnerability (LFI) when input passed thru the 'getpage' parameter to 'webproc' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.
6b1cac42339ed6d753c18f9439e8f09185a5a002e722156840b34f1b66a6a123Mandriva Linux Security Advisory 2014-222 - Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file.
b1e46fa67faacfb7e538c3ab47855727400c604063f8f1f9cdcbb61a33e35d27Mandriva Linux Security Advisory 2014-221 - Although Mandriva forgot to include a problem description in this advisory, it appears that their latest packages for php-smarty may have address cross site scripting and code execution vulnerabilities.
7cbd232472b3b573ab03123f0ac49ea2ed2fdb427ad187747ab9a0211410bd37Mandriva Linux Security Advisory 2014-220 - Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. Various other security issues were also addressed.
480666aecbbb024a07215735219c58b0e7f5a12a96b93245aa388fe716692f65Mandriva Linux Security Advisory 2014-219 - Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol(SRTP), in how the crypto_policy_set_from_profile_for_rtp() function applies cryptographic profiles to an srtp_policy. A remote attacker could exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.
4b5a258db5c599bcb432c7d521bd5c29b7892a1bed1f9afdcb8dc8b676bb2169HP Security Bulletin HPSBHF03052 2 - Potential security vulnerabilities have been identified with HP Network Products running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, modify or disclose information. Revision 2 of this advisory.
05b5388c45bab42768c86cb307b795bd77831c2a0e62454db751fab2eff1be37Mandriva Linux Security Advisory 2014-218 - Multiple vulnerabilities have been discovered and corrected in asterisk. The updated packages has been upgraded to the 11.14.1 version which is not vulnerable to these issues.
0534fe5967f21eae7e7046a4d878c5be5ad87b03ce2d780f490b6b44c04c1d6cGentoo Linux Security Advisory 201411-6 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.418 are affected.
83203fb083c7020525f2bfe19e222e1c2c84a7d9fcbe5f3b8712fb38a32e0044Mandriva Linux Security Advisory 2014-224 - The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by leveraging administrative access.
44e0fd2f76775f8cdc8e4d5fe78161fa0d40493711469db9916abe892af3d940Mandriva Linux Security Advisory 2014-223 - Updated wireshark packages fix a buffer overflow, multiple crashes, and infinite loops.
813c170a97d187887177fada8774c35108d4d1d5eb92bcaa565037e19ac19de7Supr Shopsystem version 5.1.0 suffers from a persistent cross site scripting vulnerability.
d239919808c42bcfd73d9a1bdc41e0e79ba071ea4ba1128d751cd075c2db8070WordPress SP Client Document Manager plugin version 2.4.1 suffers from multiple remote SQL injection vulnerabilities.
b18e6e4b484a312dbda33b1e6f7d610706ece1a457666fdd2cd58a06ceab8864Booking.com suffers from an open redirection vulnerability.
f2358fbee6f5af6b154336cd6f1cd85ff2e91030dd22a7ffc1202c127a773e86Asterisk Project Security Advisory - The DB dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation.
5f6de459bd80960c973e40d53339c46b02b67d9db5559130f299530051f16340Asterisk Project Security Advisory - The CONFBRIDGE dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation. Also, the AMI action "ConfbridgeStartRecord" could also be used to execute arbitrary system commands without first checking for system access.
eebc8eabd10dc9e3b8bc9523e239a9374c0d69bf823e68db757ae0b2b1368d33Zenario CMS version 7.0.2d suffers from cross site scripting and open redirection vulnerabilities.
544d76bbfe2ee7fe1e09e322e7b0f4b627b274a70c83144675ce569ff75ff7a6A security flaw in WordPress 3 allows injection of JavaScript into certain text fields. In particular, the problem affects comment boxes on WordPress posts and pages. These do not require authentication by default.
02864c8b1d8ce4fe8f2269a04a424fa54ebc581ac541b6681c57d7abdb8251f1Asterisk Project Security Advisory - When handling an INVITE with Replaces message the res_pjsip_refer module incorrectly assumes that it will be operating on a channel that has just been created. If the INVITE with Replaces message is sent in-dialog after a session has been established this assumption will be incorrect. The res_pjsip_refer module will then hang up a channel that is actually owned by another thread. When this other thread attempts to use the just hung up channel it will end up using freed channel which will likely cause a crash.
15a4222dbf1ccd2736fba02c722a20bb0de7e9d45367175f41e820c972765349Asterisk Project Security Advisory - The chan_pjsip channel driver uses a queue approach for actions relating to SIP sessions. There exists a race condition where actions may be queued to answer a session or send ringing AFTER a SIP session has been terminated using a CANCEL request. The code will incorrectly assume that the SIP session is still active and attempt to send the SIP response. The PJSIP library does not expect the SIP session to be in the disconnected state when sending the response and asserts.
55c0f051137922494f6ce7feebfbe8e1ea4b9b2169a67c126fdff6d43bda124aAsterisk Project Security Advisory - The ConfBridge application uses an internal bridging API to implement conference bridges. This internal API uses a state model for channels within the conference bridge and transitions between states as different things occur. Under load it is possible for some state transitions to be delayed causing the channel to transition from being hung up to waiting for media. As the channel has been hung up remotely no further media will arrive and the channel will stay within ConfBridge indefinitely.
84eb5f3fb7ddc9a0f5ee17c933a15f1ce01cc2ecc88d2c7325407f4bef03640bAsterisk Project Security Advisory - The Asterisk module res_pjsip_acl provides the ability to configure ACLs that may be used to reject SIP requests from various hosts. In affected versions of Asterisk, this module fails to create and apply ACLs defined in pjsip.conf. This may be worked around by reloading res_pjsip manually after res_pjsip_acl is loaded.
b3b03fb6b4fdfbb86b064255aefc3988d26b8846fa6491e95caf916c96308e46Asterisk Project Security Advisory - Many modules in Asterisk that service incoming IP traffic have ACL options ("permit" and "deny") that can be used to whitelist or blacklist address ranges. A bug has been discovered where the address family of incoming packets is only compared to the IP address family of the first entry in the list of access control rules. If the source IP address for an incoming packet is not of the same address family as the first ACL entry, that packet bypasses all ACL rules. For ACLs whose rules are all of the same address family, there is no issue.
d63dbc1f4a1555e213fdaf8b7170df0e1ef4f9f7d5de91107a8f9832f1027a68Liferay Portal versions 6.2 EE SP8 and below suffer from a cross site scripting vulnerability.
588c7b3f899dee927dca095f3cb6bd26659601629c29183946a39fcf4cca2cebUbuntu Security Notice 2413-1 - An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under certain circumstances, a malicious application could use this flaw to perform operations that are not allowed by AppArmor policy. The flaw may also prevent applications from accessing resources that are allowed by AppArmor policy.
cb6348b595c35e29fb92f1184a6f07493140def07694f71a448a48054ceb11f8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed