A path traversal vulnerability was found in the WifiHs20UtilityService. This service is running on a Samsung S6 Edge device, and may be present on other Samsung device models. WifiHs20UtilityService reads any files placed in /sdcard/Download/cred.zip, and unzips this file into /data/bundle. Directory traversal in the path of the zipped contents allows an attacker to write a controlled file to an arbitrary path as the system user.
c3c06ce6ad0f16ab90edf812be408f97
Red Hat Security Advisory 2015-1945-01 - Kubernetes allows orchestration and control of Docker containers as used in OpenShift Enterprise 3. Kubernetes fails to validate object name types before passing the data to etcd. As the etcd service generates keys based on the object name type this can lead to a directory path traversal.
a884cc53fba5b2967bb7d1c8f3363ce3
Ubuntu Security Notice 2783-1 - Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. Various other issues were also addressed.
924d6e074f0eb79a0daf06957f52ed92
RootedCON 2016 Call For Papers - RootedCON is a security congress that will take place between March 3rd to the 5th, 2016 in Madrid (Spain).
dcdda37fad327d172074f1d1938d8516
Oracle E-Business Suite suffers from a cross site scripting vulnerability. Version 12.1.4 is affected.
1154e61cd16ff7a90122fe7f1dce33cc
Oracle E-Business Suite suffers from a remote SQL injection vulnerability. Versions 12.1.3 and 12.1.4 are affected.
a6a3ab99d62a1672d3815d61be3b46af
There is a script in EBS that is used to connect to the database and displays the connection status. Different connection results can help an attacker to find existing database accounts. Version 12.2.4 is affected.
370b0a01fc2ba596cbce7864cc55aadb
Ubuntu Security Notice 2782-1 - Gabriel Campana discovered that Apport incorrectly handled Python module imports. A local attacker could use this issue to elevate privileges.
c25e380ba3e419de3e80aa77e8cb7e21
Red Hat Security Advisory 2015-1943-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of service on the host by exhausting all available memory and CPU. This issue was discovered by Daniel P. Berrange of Red Hat.
ac3a5a46f2a973f578a75a88247c20bb
Red Hat Security Advisory 2015-1931-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of service on the host by exhausting all available memory and CPU. This issue was discovered by Daniel P. Berrange of Red Hat.
e4912b5ee4c9efe598023e8801892f8c
Joomla remote SQL injection mass exploitation tool that affects versions 3.2 through 3.44.
a4e9ab5ee1c76e10e97f89aaa607095e
Red Hat Security Advisory 2015-1930-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with the server. It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that client to make multiple steps larger than the panic threshold, effectively changing the time to an arbitrary value.
0b6d1f9ad970bdef99fb5d146f781415
Ubuntu Security Notice 2781-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.46 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.27. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
043bbd46143f9be1c5ef8eab3c544ba9
This Metasploit module writes to the sudoers file without root access by exploiting rsh and malloc log files. Makes sudo require no password, giving access to su even if root is disabled. Works on OS X 10.9.5 to 10.10.5 (patched on 10.11).
dc4258c8896b5eff92876ba20f531ffd
This Metasploit module exploits Th3 MMA mma.php Backdoor which allows an arbitrary file upload that leads to arbitrary code execution. This backdoor also echoes the Linux kernel version or operating system version because of the php_uname() function.
26766b958880f49852cf7d50e27b5f16