Mandriva Linux Security Advisory 2012-070 - A file existence disclosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue.
f73e89882b6346ed93095ab15bfe3217fa69a9be28af45eabd68ea7d46a92cfaWebrelations suffers from a remote SQL injection vulnerability.
3338ab0fcab8b4404f9adb5c9fe003468f9df14c4f0659aaf810f69155a928ecTrombinoscope versions 3.5 and below suffer from a remote SQL injection vulnerability.
35520837705b4781429f47c3e17d1f0dfb67f61bfd7850f5184538c3821344a1Kerweb versions prior to 3.0.1 and Kerwin versions prior to 6.0.1 suffer from multiple cross site scripting vulnerabilities.
da82415950014f438ea0f084eea8cec6c1798b0f0572777f3af31801a8422fd9PHP CGI argument injection exploit that executes phpinfo.
daeb47531565780f54721f96c499e217cb6e531ed0d426e6ce10b0e3d6c0422bSymantec Web Gateway suffers from a cross site scripting vulnerability.
4a4b3d7ca93ab14cafeac515271b34feae8de6d556145357262cda8aa7e4bce1Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
f31e0809e97fed081991363a843f86a0b59402454ca4f03f3b202a4729c048c8Mandriva Linux Security Advisory 2012-069 - A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue.
b43d6952e069ab1c764cbca75c6c3956e4fbed97ca5cf8d5101e51452823a6f3This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.
334c947d960799417387ce8f1c27188fc7f859bd204b9dc50890663d07a20fbaWordPress version 3.2.2 may suffer from a stored cross site scripting vulnerability.
2ebcbd38023e368339ade1b119d6971e1e6b68217c6ad6a2682302840b7da0a9MYRE Real Estate Mobile 2012|2 suffers from cross site scripting and remote SQL injection vulnerabilities.
3c464786d45e0e7365269ad04921b1dfc59a125b6575b9c2ff905267645c4f41The vulnerability described in this document could hypothetically be exploited by unprivileged code running in a VMware virtual machine (guest) in order to execute code in the host VMX process, thereby breaking out of the virtual machine; however, such exploitation has not been proven. In the event that arbitrary code execution in the VMX process is possible, kernel privileges can be obtained on a Windows host by abusing the VMX process's special access to a VMware driver, meaning the maximum possible impact of this vulnerability is elevation from unprivileged guest code execution to host kernel code execution.
faaa583588ea28e78dd0709b7d226804732abda76965a7dc1e8370600d08440fThis Metasploit module exploits a SQL injection found in Solarwinds Storage Manager login interface. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM.
f0082fe343289cee7851fb985c1987add9c8ebcb058523260ad6c25997867acfWhen run as a CGI, PHP up to version 5.3.12 and 5.4.2 is vulnerable to an argument injection vulnerability. This Metasploit module takes advantage of the -d flag to set php.ini directives to achieve code execution. From the advisory: "if there is NO unescaped '=' in the query string, the string is split on '+' (encoded space) characters, urldecoded, passed to a function that escapes shell metacharacters (the "encoded in a system-defined manner" from the RFC) and then passes them to the CGI binary."
b19f8f4342eff5bad4cc51580c640170655b2809104d5e7835692a1eb116a923Ubuntu Security Notice 1430-3 - USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
75654ded8481dbb251091cce64d0113fb3418ecb48497474f0279338d1aa928dDebian Linux Security Advisory 2459-2 - The recent quagga update, DSA-2459-1, introduced a memory leak in the bgpd process in some configurations.
b954ad008ccfa5e3a0dbee09eaa7d47d98f98c3c657670892ac259c2d0552c0dUbuntu Security Notice 1437-1 - It was discovered that PHP, when used as a stand alone CGI processor for the Apache Web Server, did not properly parse and filter query strings. This could allow a remote attacker to execute arbitrary code running with the privilege of the web server. Configurations using mod_php5 and FastCGI were not vulnerable.
38f9d764d6c2cf212c5eff43704012fdf52ff4fe7d6dd5988c81045cf41f1f3a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed