Ubuntu Security Notice 1758-1 - It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.
fc396be00725ab95d22e9cf1d886ab13cc19aa4e976e77848cc98d6af080fd25GroundWork Monitor Enterprise version 6.7.0 suffers from remote SQL injection, file disclosure, command injection, and cross site scripting vulnerabilities. This is the second of two advisories documenting all the issues in GroundWork. Detailed proof of concepts were removed by the author because GroundWork is refusing to fix the underlying security issues.
dee12f394845970be25c5bec4cdb8f4b96ef27fcdb45f2b56195fa023bcfd2a5GroundWork Monitor Enterprise version 6.7.0 suffers from insufficient authentication, file disclosure, file modification, cross site scripting, XML external entity injection, command injection, and various other vulnerabilities. Detailed proof of concepts were removed by the author because GroundWork is refusing to fix the underlying security issues.
96c7a6d3d01751ea9ff17e2fa08b0d6e1ef1b0d0d735f08fb7964d7f9ea4c83eMandriva Linux Security Advisory 2013-021 - Multiple security issues were identified and fixed in OpenJDK. The 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via vectors that trigger a write of arbitrary memory in the JVM, as exploited in the wild in February 2013. Unspecified vulnerability in the 2D component in the Java Runtime Environment component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493. The updated packages provides icedtea6-1.11.9 which is not vulnerable to these issues.
5b454321a55eb475ee4170f49c5dd25c68794fe01d96b8252b64fbb67b52fb24McAfee Vulnerability Manager version 7.5 suffers from a cross site scripting vulnerability due to improperly sanitizing user-supplied Cookie values.
566957c0cfaab8f9b783af3bdf8496ff6eb513ff719e2c486f97028c19b84632Mandriva Linux Security Advisory 2013-020 - Multiple vulnerabilities was found and corrected in Wireshark. Fixes focused on infinite loops and crashes in various dissectors. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
b7b8f054f36ad8b61ab799052c446d8acca39e071ad2fabfc93334ad794194a5Red Hat Security Advisory 2013-0614-01 - XULRunner provides the XUL Runtime environment for applications using the Gecko layout engine. A flaw was found in the way XULRunner handled malformed web content. A web page containing malicious content could cause an application linked against XULRunner to crash or execute arbitrary code with the privileges of the user running the application.
38973fe391c8b58afe213772184b5dc17c5bce2b4f8ae96ce3d50714da12e38aThis Metasploit module exploits a directory traversal vulnerability that allows arbitrary file creation, which can be used to execute a mof file in order to gain remote execution within the SCADA system.
cb4ca7e2b6ed001985ac60257eb7224986eb62545c9d0e35bf5632761adc890bThis Metasploit module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly, following the controlled read, the pointer is called resulting in code execution. The vulnerability exists with a group number extracted from the CNCT information, which is sent by the client, and whose size is not properly checked. This Metasploit module uses an existing call to memcpy, just prior to the vulnerable code, which allows a small amount of data to be written to the stack. A two-phases stackpivot allows to execute the ROP chain which ultimately is used to execute VirtualAlloc and bypass DEP.
7de29ccbc4fc0af57c3834340b87fbe2ce27419e8888190bc1a4620767590552Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6f3ccd7369f578df4ea22d0f7448568f9ac35af0c3b64afebcda5861951bbb6eHP Security Bulletin HPSBGN02854 SSRT100881 - Potential security vulnerabilities have been identified with HP Intelligent Management Center (iMC Standard and Enterprise Editions), HP Intelligent Management Center for Automated Network Manager (ANM), iMC TACACS+ Authentication Manager (TAM), and iMC User Access Manager (UAM). The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS), remote code execution, and remote disclosure of information. Revision 1 of this advisory.
0ac63d7c8bd7939657d0c6cb9ab8758d89e0159d5c09f9d5fe9646bc7969beb1Mandriva Linux Security Advisory 2013-019 - A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website. This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update addresses this flaw by implementing the TLS Renegotiation Indication Extension, as defined in RFC 5746. The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. The updated packages have been patched to correct these issues.
0aa58a05023ecaae15a6d536a958775447e0d5df7c99b2a7e6c3cf316869b997HP Security Bulletin HPSBPI02851 SSRT101078 - A potential security vulnerability has been identified with certain HP LaserJet Pro printers. The vulnerability could be exploited remotely to gain unauthorized access to data. Revision 1 of this advisory.
384d168c76042dadca1eb0fd82ad80e7b86ae67cca964e1cdf87ba039e20f8bcThis is a demonstration cross site request forgery exploit for Question2Answer that also takes advantage of an insufficient anti-automation issue.
e8a626660486f464fd58c9ab8052bbb89a6150a1f60768dade0cfcad6e8669e4ALLMediaServer version 0.94 SEH overflow exploit that spawns calc.exe.
581d11bf437584999c610e53bfc9f899cf4e9ab8f2b4079740da0b9dff03d908Google Fusion Tables suffers from a cross site scripting vulnerability.
c519dac8f756067d0fa8add23bde2f82d6721b4e72018779151d20aa116ec072Slackware Security Advisory - New sudo packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-1775,CVE-2013-1776.
0756d6ac674176840736b20e3a780b4c015680c196a06f38bf65f1c511e7f822HP Security Bulletin HPSBMU02849 SSRT101124 - A potential security vulnerability has been identified with HP ServiceCenter. The vulnerability could be remotely exploited to allow a remote Denial of Service (DoS). Revision 1 of this advisory.
941d692cbf8b313cef9e596c9ba62ef5bdfa2eeab1be233d72bdcd9355c885a9Ubuntu Security Notice 1755-2 - USN-1755-1 fixed vulnerabilities in OpenJDK 6. This update provides the corresponding updates for OpenJDK 7. It was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash. Various other issues were also addressed.
f6df39f955594ea9216c4b8dd6ae813b8290b144bf93b3ea8c98f431ac8ef370Red Hat Security Advisory 2013-0613-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that the GateIn Portal export/import gadget allowed an export ZIP to be uploaded and imported to a site without authentication. A remote attacker could use this flaw to modify the contents of a site, remove the site, or modify access controls applied to portlets in the site.
ea45d5058310a1479dff0e4483ee59cab6438a0aebb64173c6ff232e7ed8ddb0Red Hat Security Advisory 2013-0612-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amounts of system memory. It was found that the RHSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted code to modify arbitrary, trusted strings, which safe level 4 restrictions would otherwise prevent.
32e3a547a3c0a24367f1996785cb9cda8c3f06349a10fc8e3db711bfb8a5421dRed Hat Security Advisory 2013-0611-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amounts of system memory. All users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve this issue.
c3980a088e566cc19050f1da5ff225025caeb15e2f077158cb8730b7a09d6a12Red Hat Security Advisory 2013-0610-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages form the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest. All users of qemu-kvm-rhev are advised to upgrade to these updated packages, which correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
f9283d87e85e0d4f8a1880b89b72c5d932cd753099d7ea82160e3a865ca280baRed Hat Security Advisory 2013-0609-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest. All users of qemu-kvm should upgrade to these updated packages, which contain backported patches to correct this issue. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.
1b51b67d705de66bc4ced0edf093badfa1d4adcea70ebbf5ce1ddf20b5d9d3d1Red Hat Security Advisory 2013-0608-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. A flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest. All users of kvm are advised to upgrade to these updated packages, which contain backported patches to correct this issue. Note that the procedure in the Solution section must be performed before this update will take effect.
f2e010070aad2343f47b3e482e950b8c4228c64cb7b9aaf1697885a65a553a9c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed