Alienvault OSSIM/USM versions 4.14, 4.15, and 5.0 suffer from cross site scripting, remote command execution, and remote SQL injection vulnerabilities.
05fedd0172a711f1b3ebccf206431da754dbc59c1c66baabdd88b6a813ba1830High-Tech Bridge Security Research Lab discovered a security vulnerability in the eShop WordPress Plugin, which can be exploited by remote attackers to overwrite arbitrary PHP variables within the context of the vulnerable application. The vulnerability exists due to insufficient validation of user-supplied input in the "eshopcart" HTTP cookie. Successful exploitation of this vulnerability may potentially result in arbitrary PHP code execution.
b646ba90f83bf6fbf8ded5692dab800ca1dad5f780ce50ab36b9848e60d3f6b3The F5 ASM is a web application firewall designed to protect web applications from attacks. Due to the way that the system processes JSON content, it's possible to bypass the ASM using a crafted request to a URL that processes both JSON and regular URL encoded requests. Versions 11.4.0 and 11.4.1 are confirmed vulnerable.
e6abe385fd18e2857c231bede6a8524e4d82cb8ad1197e2ab340759994fa7badBIG-IQ version 0.0.7028 appears to disclose user passwords that are encrypted via an insecure direct object reference vulnerability and allows for user enumeration.
618c281cd293dfb71e842366efeeddc1f0dae18a8875e74149d2084d9cb32a1eRed Hat Security Advisory 2015-0938-01 - OpenStack Image Service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. Multiple flaws were found in the glance task API that could cause untracked image data to be left in the back end. A malicious user could use these flaws to deliberately accumulate untracked image data, and cause a denial of service via resource exhaustion.
8a77633d2a9686392c1ed9f581eaf3034f9af7f313fa11debbbc9aa4392cf265Ubuntu Security Notice 2597-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
d0d7003df0fa18a33c041a905a2eb7307545321e7ce264bdbf46257709a12e9fUbuntu Security Notice 2598-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
e41f6861fc4c07d2bad2dfcf84d484a9a576146c997ba65cbe9ee9c9acd1e098Ubuntu Security Notice 2599-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
6e56b2dfa07edb41e3e53ee72342001afc9de03ee9f8ff0f76eabcd893419061Ubuntu Security Notice 2600-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
d731cce6bc09a061bbadd1c28873361734801228cf24f5a6bb1a21c5e6f15c72Ubuntu Security Notice 2596-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
37299381b0e088a96de6a9d501af846fd4675f99e223f4ff472b3d021bdfcfceUbuntu Security Notice 2601-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges.
4ff1b0a01f949177c8dc9a413b02118d7bb0c37bb6667b10b5966fe2847e0ffcMandriva Linux Security Advisory 2015-230 - Squid configured with client-first SSL-bump does not correctly validate X509 server certificate domain / hostname fields.
c14ef8d66d6ecdb79a742a0b4b5f418c690959ebf030b5cf3dcf631856a76361Mandriva Linux Security Advisory 2015-229 - It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code.
b95ad09280de8c60ea8404a7c7fd41ee72aad044ca4c4cd46cdf6f916c05b0ebMandriva Linux Security Advisory 2015-228 - It was found that libuv does not call setgoups before calling setuid/setgid. This may potentially allow an attacker to gain elevated privileges. The libuv library is bundled with nodejs, and a fixed version of libuv is included with nodejs as of version 0.10.37. The nodejs package has been updated to version 0.10.38 to fix this issue, as well as several other bugs.
9493e9bfb065d44360ce1b5e261bc87ab3e33d151d072f83b0fd746027a63318When a response for a request with a request body is returned to the user agent before the request body is fully read, by default Tomcat swallows the remaining request body so that the next request on the connection may be processed. There was no limit to the size of request body that Tomcat would swallow. This permitted a limited denial of service as Tomcat would never close the connection and a processing thread would remain allocated to the connection. Versions affected include Apache Tomcat 8.0.0-RC1 to 8.0.8, 7.0.0 to 7.0.54, and 6.0.0 to 6.0.43.
1ad1eefef30402ac2fe3a0012efc3d875f14db6ddf39ce0f35dd36949d4a85ea
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed