Versions of udev < 1.4.1 do not verify that netlink messages are coming from the kernel. This allows local users to gain privileges by sending netlink messages from userland.
a339530d415e4d147ac5e6556a603790385a27c54518e11e95069181161f0615
This Metasploit module exploits a vulnerability found in qdPM - a web-based project management software. The user profile's photo upload feature can be abused to upload any arbitrary file onto the victim server machine, which allows remote code execution. Please note in order to use this module, you must have a valid credential to sign in.
f5f6ba93d6feeeed1d320115b76b89c669688a7089990888c0aafa5f2993314c
Ubuntu Security Notice 1565-1 - Thomas Biege discovered that the Horizon authentication mechanism did not validate the next parameter. An attacker could use this to construct a link to legitimate OpenStack web dashboard that redirected the user to a malicious website after authentication.
812f48cccf540f40acdfa9f208f5a9fc6997a10f42d0192b5df2b1fe2ec4f1e2
Ubuntu Security Notice 1564-1 - Dolph Mathews discovered that when roles are granted and revoked to users in Keystone, pre-existing tokens were not updated or invalidated to take the new roles into account. An attacker could use this to continue to access resources that have been revoked.
a0585a27790aa493dcd3b0422e1b3b22791dccdfb16386176e89ac47dfb086ff
Debian Linux Security Advisory 2548-1 - Severel vulnerabilities have been discovered in Tor, an online privacy tool.
7c12c1bb198059f418d98a783d17c970ceac8c78f4b178312dd97b0621450b41
Red Hat Security Advisory 2012-1265-01 - libxslt is a library for transforming XML files into other textual formats using the standard XSLT stylesheet transformation mechanism. A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
9920cb411b2c3aa2362ffe225a52581712a70d0901996f2acabf529dcdc400d4
Red Hat Security Advisory 2012-1263-01 - PostgreSQL is an advanced object-relational database management system. It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database server when parsing Extensible Stylesheet Language Transformations. An unprivileged database user could use this flaw to read and write to local files and remote URLs they would otherwise not have access to by issuing a specially-crafted SQL query.
56815e3f6c74e90aad1fc30e0b05b48e7a3e672cd78f7b2f9630ab9db203ab87
Red Hat Security Advisory 2012-1264-01 - PostgreSQL is an advanced object-relational database management system. It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database server when parsing Extensible Stylesheet Language Transformations. An unprivileged database user could use this flaw to read and write to local files and remote URLs they would otherwise not have access to by issuing a specially-crafted SQL query.
9529a3b496c076b9fdf2ba1c92ec057945d0620a3e4c76543bddf61155b5f5b9
Red Hat Security Advisory 2012-1261-01 - D-Bus is a system for sending messages between applications. It is used for the system-wide message bus service and as a per-user-login-session messaging facility. It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting specific environment variables before running a setuid or setgid application linked against the D-Bus library. Note: With this update, libdbus ignores environment variables when used by setuid or setgid applications. The environment is not ignored when an application gains privileges via file system capabilities; however, no application shipped in Red Hat Enterprise Linux 6 gains privileges via file system capabilities.
2fe96101f99eb2291e6510b5544d7a0828b7b2f84e24ba06f09f3b0c8005cd8a
Red Hat Security Advisory 2012-1262-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way QEMU handled VT100 terminal escape sequences when emulating certain character devices. A guest user with privileges to write to a character device that is emulated on the host using a virtual console back-end could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.
11979e71f57cd7fa51e61d9196b4b841df1d1259804ccd26b3beef5ccec7db4a
Ubuntu Security Notice 1566-1 - It was discovered that Bind incorrectly handled certain specially crafted long resource records. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
b74563c6dca9a227ad5695d5f517c3cabcaf41f15e3beeeee490cd11f74318a0
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
eca2eafd31b73f79158ba4318dcdb341d71a40f8cdc578fd284dec7337fc4348
Secunia Security Advisory - Red Hat has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
fdd0541762daeee1ae4e140e2753b907f1ac7cc20c6a8ff49a2af413c9edffc3
Secunia Security Advisory - Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
4078e6fd3d547dccf8219790403f0da299fde4555905d25d398b9d069cdc1399
Secunia Security Advisory - SUSE has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
f346d77823d582fee3f9464a0a08aa42d956d2d07003d979a0f515af82b2ddee
Secunia Security Advisory - A vulnerability has been discovered in OpenX, which can be exploited by malicious people to conduct SQL injection attacks.
feb24792c980628707ece07113220a680d7a33410c6d894e8b6ff45a344807ee
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
daeee9fbd165a39a7652dea20581b792c4fc5312ec603b1e4992c32a3f3e1e1d
Secunia Security Advisory - A security issue has been reported in Cisco ASA-CX Context-Aware Security and Cisco Prime Security Manager (PRSM), which can be exploited by malicious people to cause a DoS (Denial of Service).
47633728611472e4f2c904235b8082fc1a5f888ee8bd29ba8fe0262bf2c9281b
Secunia Security Advisory - A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
7fc861703725c8b69d5cdafd18cf5f10957b777da22ad7756f9cf26929c74357
Secunia Security Advisory - A vulnerability has been reported in the Mass Contact module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
6b64de941342344eb1b77b5fe50954e05257d1e0c4706eebb120aa6b4ed611a2
Secunia Security Advisory - A security issue has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).
4d950a5afe2f6858232b2e5cb2aead375129d65ee76d23296e010a4fa2c98752
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome for Android, which can be exploited by malicious people to disclose certain sensitive information and conduct cross-site scripting attacks.
b2267ee79b0e51d589d36f412606dd8ceb1da3d0b9ac2cf42ff186a5871687a5